QiAnXin’s RedDrip team uncovered the detailed operations of the NightEagle APT group, which targets China’s key industries using advanced, adaptive malware and zero-day exploits. These highly stealthy campaigns focus on espionage within critical sectors like semiconductors, AI, and military research. #NightEagle #APTQ95
Key points
- NightEagle is a highly adaptive APT group with rapid infrastructure switching and advanced malware tools.
- The group focuses on espionage in China’s strategic sectors such as semiconductors, AI, and military research.
- They use custom malware, open-source tools, and fileless persistence techniques to evade detection.
- A previously unknown Microsoft Exchange zero-day exploit is used to exfiltrate data and execute malware remotely.
- Operations occur mainly at night, Beijing time, suggesting the operators work from North American time zones.