Evasive Panda

Kaspersky reports that China-linked APT group Evasive Panda conducted DNS poisoning attacks from 2022 to 2024, deploying MgBot malware to steal data and maintain long-term persistence.