APT24 Uses BadAudio Malware in Ongoing Espionage Campaign

APT24 Uses BadAudio Malware in Ongoing Espionage Campaign

First seen 20 Nov 2025, 23:19 UTC MandiantBleepingcomputerGbhackersScworldTechnadu+1 96% similarity 43.2

Article Content

Browse articles
ThreatCluster

APT24, a China-linked hacking group, has been utilizing a previously undocumented malware named BadAudio in a three-year espionage campaign. This malware has been delivered through various methods, including spearphishing and supply-chain compromises, affecting over 20 legitimate public websites from November 2022 to at least September 2025.

ThreatCluster AI

Community

Browse all →