A China-linked APT group known as Daggerfly exploited a vulnerability in an Apache HTTP server to deliver MgBot malware, affecting a U.S. NGO based in China. The attack showcased the group's capabilities for espionage within the country through advanced backdooring techniques and malware deployment. Due to the sensitive nature of NGO work, the attack potentially compromised internal communications and could lead to intelligence collection for future operations, demonstrating the APT group's ability to innovate and adapt their toolset for targeted cyber espionage. The exact extent of the data breach remains undisclosed, but it raises concerns about the protection of operational information that is crucial to the NGO's mission and activities in the region.
Source: https://securityaffairs.com/166102/apt/daggerfly-macma-macos-backdoor.html
"id": "chi000072524",
"linkid": "china-institute",
"type": "Cyber Attack",
"date": "7/2024",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"