Security
Daxin Malware and New Backdoor Stupig Resurface in Taiwan
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Daxin, a sophisticated backdoor linked to China, has reappeared in Taiwan, targeting a multinational high-tech manufacturer. Discovered in May 2026, it operates stealthily by hijacking legitimate TCP connections for command and control. Alongside Daxin, a new backdoor named Stupig was identified, exhibiting unique persistence techniques. Both tools share compile timestamps from early 2013, suggesting they may have been developed by the same actor. The initial access point was likely an outdated Digiwin single sign-on portal using obsolete Java Development Kit versions. The compromised host had no telemetry prior to May 12, indicating a long-term undetected presence. The resurgence of these tools highlights ongoing espionage operations against strategic targets in Taiwan.
Key Points: • Daxin malware resurfaces in Taiwan, targeting a multinational tech manufacturer. • The new backdoor Stupig shows unique persistence and execution techniques. • Initial access likely exploited outdated software, indicating long-term compromise.