Malware Delivery via AitM and DNS Poisoning

Evasive Panda, a sophisticated threat actor also tracked as Bronze Highland, Daggerfly, and StormBamboo, has escalated its offensive capabilities in a two-year campaign that deployed advanced techniques, including adversary-in-the-middle (AitM) attacks and DNS poisoning.

According to research published in June 2025, the group ran persistent operations between November 2022 and November 2024, targeting victims in Turkey, China, and India with evolving malware delivery mechanisms designed to evade detection.

The campaign reveals a marked evolution in the threat actor’s operational approach. Rather than relying on direct distribution methods, Evasive Panda orchestrated highly targeted attacks that combined AitM techniques with DNS poisoning to intercept legitimate traffic and redirect victims to attacker-controlled servers.

The attackers distributed loaders disguised as legitimate application updates (SohuVA, iQIYI Video, IObit Smart Defrag, and Tencent QQ), exploiting user trust in familiar software vendors to gain initial access to victim systems.

Technical Sophistication

The sophistication of Evasive Panda’s loader demonstrates significant development investment. Written in C++ using the Windows Template Library (WTL), the malware employs multiple encryption layers and obfuscation techniques to complicate analysis.

The loader decrypts its configuration elements with XOR-based routines only at runtime, and all critical strings, including system paths and command execution parameters, remain encrypted until they are needed.

Most notably, the attackers developed a novel injector enabling in-memory execution of their MgBot implant within legitimate processes.

Downloading a payload from the web resource.

By DLL sideloading through a decade-old signed executable (evteng.exe), the group maintained a persistent presence without writing its primary payloads to disk. This approach significantly reduces the detection surface and complicates forensic investigation.

The DNS poisoning mechanism represents the campaign’s most innovative element. Attackers manipulated DNS responses for legitimate websites, including dictionary.com, redirecting victims’ systems to attacker-controlled infrastructure based on geographical location and ISP affiliation.
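The check a defender wants against this technique is to resolve the same names through the path hosts normally use and through an independent reference resolver, then compare the answers. The following is an added example in Python, not code from the article or from the researchers; the response packet, reference answers and expected netblocks in it are constructed (RFC 5737 documentation ranges), and `resolve()` only shows the live UDP query, which the offline scenario does not exercise.

```python
"""Compare A records from the local resolver path against an independent reference.

Added example, not from the article or the researchers' tooling. The sample
response, reference answers and expected netblocks below are constructed
(RFC 5737 documentation ranges); resolve() shows the live query but is not
needed for the offline check.
"""
import ipaddress
import socket
import struct


def build_query(name: str, qid: int = 0x1234) -> bytes:
    """Wire-format DNS query for an A record, recursion desired."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN


def _read_name(msg: bytes, off: int):
    """Decode a possibly compressed name; return (name, offset just past it in the stream)."""
    labels, end, jumped = [], None, False
    while True:
        ln = msg[off]
        if ln & 0xC0 == 0xC0:  # 2-byte compression pointer
            if not jumped:
                end = off + 2
            off = struct.unpack(">H", msg[off:off + 2])[0] & 0x3FFF
            jumped = True
            continue
        off += 1
        if ln == 0:
            break
        labels.append(msg[off:off + ln].decode("ascii"))
        off += ln
    return ".".join(labels), end if jumped else off


def parse_a_records(msg: bytes) -> dict:
    """Return {owner_name: {ipv4, ...}} from the answer section of a response."""
    _, flags, qdcount, ancount, _, _ = struct.unpack(">HHHHHH", msg[:12])
    if flags & 0x000F:  # non-zero RCODE: nothing usable
        return {}
    off = 12
    for _ in range(qdcount):  # skip the question section
        _, off = _read_name(msg, off)
        off += 4
    answers = {}
    for _ in range(ancount):
        name, off = _read_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            answers.setdefault(name, set()).add(str(ipaddress.IPv4Address(msg[off:off + 4])))
        off += rdlen
    return answers


def resolve(name: str, server: str, timeout: float = 2.0) -> dict:
    """Live query over UDP/53 (needs network); run once per resolver path to compare."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name), (server, 53))
        return parse_a_records(sock.recv(4096))


def compare_answers(local: dict, reference: dict, expected_nets: dict) -> list:
    """Flag addresses the local path returned that the reference did not.

    CDNs legitimately answer differently by location, so a mismatch inside a
    known netblock is reported as low severity; one outside it as high.
    """
    alerts = []
    for name, addrs in local.items():
        nets = [ipaddress.ip_network(n) for n in expected_nets.get(name, [])]
        for addr in sorted(addrs - reference.get(name, set())):
            known = any(ipaddress.ip_address(addr) in n for n in nets)
            alerts.append((name, addr, "low" if known else "high"))
    return alerts


def build_sample_response(query: bytes, ipv4: str, ttl: int = 60) -> bytes:
    """Constructed reply: one A record whose owner name is a pointer to the question name."""
    header = query[:2] + struct.pack(">HHHHH", 0x8180, 1, 1, 0, 0)
    rr = b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, ttl, 4) + ipaddress.IPv4Address(ipv4).packed
    return header + query[12:] + rr


# Constructed scenario: the local path hands back an address outside the ranges
# the reference path and our allowlist know for the name.
LOCAL = parse_a_records(build_sample_response(build_query("dictionary.com"), "203.0.113.10"))
REFERENCE = {"dictionary.com": {"198.51.100.20"}}
EXPECTED_NETS = {"dictionary.com": ["198.51.100.0/24"]}

if __name__ == "__main__":
    for alert in compare_answers(LOCAL, REFERENCE, EXPECTED_NETS):
        print("ALERT", *alert)
```

In production the reference path should not share the network path under suspicion: query it over DoH or DoT to a resolver you operate or trust, and treat a "high" alert for a name that never changes hosting as a strong indicator of manipulated responses.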

The malware retrieves encrypted payloads disguised as PNG images from these poisoned domains, with payload selection tailored to the victim’s Windows version and system configuration.
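The article does not say how the payloads were made to look like PNGs; a common approach is a valid PNG header and chunk stream followed by data that no image viewer renders. The following is an added example in Python (not code from the article or the researchers) that walks a file's chunk structure and reports what a renderer would silently ignore. The "payload" it detects and the sample images are constructed inline; the heuristics are an assumption about the disguise, not a description of the campaign's files.

```python
"""Spot a PNG that carries more than an image.

Added example, not from the article or the researchers' tooling. The article
says the payloads were "disguised as PNG images" but not how; a common way is
a valid PNG header followed by data a viewer never renders. This walker reports
what a renderer would silently ignore: bytes after IEND, chunks whose CRC does
not match, or a non-standard chunk with a suspiciously large body.
"""
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
STANDARD_CHUNKS = {b"IHDR", b"PLTE", b"IDAT", b"IEND", b"tRNS", b"gAMA", b"cHRM", b"sRGB",
                   b"iCCP", b"tEXt", b"zTXt", b"iTXt", b"bKGD", b"pHYs", b"sBIT", b"sPLT",
                   b"hIST", b"tIME"}


def png_findings(data: bytes, max_private_chunk: int = 4096) -> list:
    """Return [(finding, detail), ...]; an empty list means a structurally plain PNG."""
    if not data.startswith(PNG_SIGNATURE):
        return [("not_png", "missing PNG signature")]
    findings, pos, saw_iend = [], len(PNG_SIGNATURE), False
    while pos + 8 <= len(data) and not saw_iend:
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        body = data[pos + 8:pos + 8 + length]
        crc = data[pos + 8 + length:pos + 12 + length]
        name = ctype.decode("latin-1")
        if len(body) < length or len(crc) < 4:
            findings.append(("truncated_chunk", name))
            return findings
        if struct.unpack(">I", crc)[0] != zlib.crc32(ctype + body) & 0xFFFFFFFF:
            findings.append(("bad_crc", name))  # many renderers still display the image
        if ctype not in STANDARD_CHUNKS and length > max_private_chunk:
            findings.append(("large_private_chunk", f"{name} {length} bytes"))
        pos += 12 + length
        saw_iend = ctype == b"IEND"
    if not saw_iend:
        findings.append(("no_iend", "chunk stream ends without IEND"))
    elif pos < len(data):
        findings.append(("trailing_data", f"{len(data) - pos} bytes after IEND"))
    return findings


def _chunk(ctype: bytes, body: bytes) -> bytes:
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


def build_png(extra_chunks=()) -> bytes:
    """Constructed 1x1 8-bit greyscale PNG, optionally with extra chunks before IEND."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x7f")  # filter byte + one pixel
    png = PNG_SIGNATURE + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", idat)
    for ctype, body in extra_chunks:
        png += _chunk(ctype, body)
    return png + _chunk(b"IEND", b"")


# Constructed samples: a clean image, the same image with a blob appended after
# IEND, and one that hides the blob in a private (non-standard) chunk.
FAKE_STAGE = bytes(range(256)) * 20  # 5120 bytes standing in for an encrypted stage
CLEAN = build_png()
APPENDED = CLEAN + FAKE_STAGE
PRIVATE_CHUNK = build_png([(b"prVt", FAKE_STAGE)])

if __name__ == "__main__":
    for label, sample in [("clean", CLEAN), ("appended", APPENDED), ("private", PRIVATE_CHUNK)]:
        print(label, png_findings(sample) or "ok")
```

A disguise that keeps the chunk structure intact and hides data inside IDAT itself would pass these checks; for that case the next step is to inflate the IDAT stream and compare its size with what IHDR's dimensions and bit depth require.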

The infection chain employs multi-stage execution: the initial loader decrypts shellcode and retrieves encrypted second-stage payloads through DNS-poisoned traffic.

To keep the staged payloads from being intercepted and analyzed off the victim host, the attackers implemented a custom hybrid encryption scheme combining Microsoft’s Data Protection API (DPAPI) with RC5.

General overview of storing payload on disk by using hybrid encryption.

Because DPAPI keys are bound to the compromised host (and user), the payload can be decrypted only there: an analyst who recovers the encrypted file from disk cannot decrypt it on another machine, which complicates forensic recovery.
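The shape of such a scheme, as an added example in Python that is not code from the article or from the malware: the payload is encrypted with a fresh RC5 key, and only a DPAPI-wrapped copy of that key is stored beside the ciphertext. The article names just the two primitives, so the parameters here (RC5-32/12/16, CBC with PKCS#7 padding, CryptProtectData with machine scope) are assumptions. The RC5 part runs anywhere and is checked against Rivest's published test vector; the two DPAPI calls go through ctypes and need Windows, which is exactly the property the attackers rely on.

```python
"""Hybrid RC5 + DPAPI payload staging, illustrating the scheme the article describes.

Added example, not code from the article or from the malware. The article names
only the two primitives, so the concrete choices here are assumptions: RC5-32/12/16
(Rivest's reference parameters), CBC with PKCS#7 padding, and CryptProtectData
with machine scope. Only the two DPAPI calls need Windows.
"""
import ctypes
import os
import struct
import sys

P32, Q32, MASK = 0xB7E15163, 0x9E3779B9, 0xFFFFFFFF

def _rotl(x, n):
    n &= 31
    return ((x << n) | (x >> (32 - n))) & MASK

def _rotr(x, n):
    n &= 31
    return ((x >> n) | (x << (32 - n))) & MASK

class RC5:
    """RC5 with 32-bit words (64-bit block); rounds and key length are parameters."""

    def __init__(self, key: bytes, rounds: int = 12):
        self.r = rounds
        t, c = 2 * (rounds + 1), max(1, (len(key) + 3) // 4)
        L = list(struct.unpack("<%dI" % c, key.ljust(4 * c, b"\x00")))
        S = [(P32 + i * Q32) & MASK for i in range(t)]
        A = B = i = j = 0
        for _ in range(3 * max(t, c)):  # key mixing
            A = S[i] = _rotl((S[i] + A + B) & MASK, 3)
            B = L[j] = _rotl((L[j] + A + B) & MASK, A + B)
            i, j = (i + 1) % t, (j + 1) % c
        self.S = S

    def encrypt_block(self, block: bytes) -> bytes:
        A, B = struct.unpack("<II", block)
        A, B = (A + self.S[0]) & MASK, (B + self.S[1]) & MASK
        for i in range(1, self.r + 1):
            A = (_rotl(A ^ B, B) + self.S[2 * i]) & MASK
            B = (_rotl(B ^ A, A) + self.S[2 * i + 1]) & MASK
        return struct.pack("<II", A, B)

    def decrypt_block(self, block: bytes) -> bytes:
        A, B = struct.unpack("<II", block)
        for i in range(self.r, 0, -1):
            B = _rotr((B - self.S[2 * i + 1]) & MASK, A) ^ A
            A = _rotr((A - self.S[2 * i]) & MASK, B) ^ B
        return struct.pack("<II", (A - self.S[0]) & MASK, (B - self.S[1]) & MASK)

def rc5_cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    cipher, prev, out = RC5(key), iv, bytearray()
    pad = 8 - len(data) % 8
    data += bytes([pad]) * pad  # PKCS#7: always at least one byte of padding
    for off in range(0, len(data), 8):
        prev = cipher.encrypt_block(bytes(a ^ b for a, b in zip(data[off:off + 8], prev)))
        out += prev
    return bytes(out)

def rc5_cbc_decrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    cipher, prev, out = RC5(key), iv, bytearray()
    for off in range(0, len(data), 8):
        block = data[off:off + 8]
        out += bytes(a ^ b for a, b in zip(cipher.decrypt_block(block), prev))
        prev = block
    pad = out[-1] if out else 0
    if not 1 <= pad <= 8 or out[-pad:] != bytes([pad]) * pad:
        raise ValueError("bad padding: wrong key or damaged ciphertext")
    return bytes(out[:-pad])

class _DATA_BLOB(ctypes.Structure):
    _fields_ = [("cbData", ctypes.c_uint32), ("pbData", ctypes.POINTER(ctypes.c_char))]

def dpapi(data: bytes, unprotect: bool = False) -> bytes:
    """CryptProtectData / CryptUnprotectData via ctypes; the blob is bound to this host."""
    if sys.platform != "win32":
        raise OSError("DPAPI blobs can only be wrapped or unwrapped on the Windows host that made them")
    crypt32 = ctypes.windll.crypt32
    buf = ctypes.create_string_buffer(data, len(data))
    blob_in = _DATA_BLOB(len(data), ctypes.cast(buf, ctypes.POINTER(ctypes.c_char)))
    blob_out = _DATA_BLOB()
    fn = crypt32.CryptUnprotectData if unprotect else crypt32.CryptProtectData
    flags = 0 if unprotect else 0x4  # CRYPTPROTECT_LOCAL_MACHINE: any account on this host can unwrap
    if not fn(ctypes.byref(blob_in), None, None, None, None, flags, ctypes.byref(blob_out)):
        raise ctypes.WinError()
    try:
        return ctypes.string_at(blob_out.pbData, blob_out.cbData)
    finally:
        ctypes.windll.kernel32.LocalFree(blob_out.pbData)

def seal_payload(payload: bytes) -> dict:
    """Fresh RC5 key per payload; only the DPAPI-wrapped key is stored next to the ciphertext."""
    key, iv = os.urandom(16), os.urandom(8)
    return {"wrapped_key": dpapi(key), "iv": iv, "ciphertext": rc5_cbc_encrypt(key, iv, payload)}

def open_payload(sealed: dict) -> bytes:
    """Works only where seal_payload ran; elsewhere dpapi() fails and the RC5 key is never recovered."""
    key = dpapi(sealed["wrapped_key"], unprotect=True)
    return rc5_cbc_decrypt(key, sealed["iv"], sealed["ciphertext"])
```

For forensics this means the encrypted payload file on its own is not enough: recovery needs the host's DPAPI master keys (for machine scope, the local system's keys from the live host or a full disk image with the corresponding secrets), after which the wrapped RC5 key can be unwrapped and the ciphertext decrypted with the routine above.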

Persistence and Attribution

Some compromised systems maintained active infections for over one year, indicating sustained operational commitment.

The attackers maintained multiple command-and-control (C2) servers active for years, suggesting deliberate infrastructure redundancy designed to preserve control despite potential takedown operations.

Decryption of the configuration in the injected MgBot implant.

Researchers attribute the campaign to Evasive Panda with high confidence, based on tactical overlap with the group’s historical operations.

The group’s consistent use of supply-chain compromise, AitM techniques, and watering-hole attacks, together with the resurgence of the MgBot implant with an extended configuration, aligns with its established behavior.

Despite technical visibility, critical operational gaps remain. Researchers have yet to determine how Evasive Panda initially compromises network infrastructure to execute DNS poisoning at scale.

Two plausible scenarios exist: either selective ISP network implants were deployed, or victim-controlled network devices (routers, firewalls) were independently compromised.

The campaign demonstrates sustained evolution within Evasive Panda’s toolkit. New loader development suggests additional capability improvements remain forthcoming.

Organizations should implement DNS monitoring able to detect manipulated responses (for example by comparing answers from the local resolver with those from independent resolvers), network segmentation that limits lateral movement, and endpoint detection tuned for multi-stage shellcode execution and DLL sideloading.
