New MQsTTang Backdoor from Mustang Panda Targets Political and Governmental Organizations

Threat Advisories

New MQsTTang Backdoor from Mustang Panda Targets Political and Governmental Organizations

Threat Level
Attack Report

Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs.

Summary

A new custom backdoor called MQsTTang, which they attribute to the Mustang Panda APT group. This backdoor is part of an ongoing campaign that began in early January 2023, and it appears to be targeting political and governmental organizations in Taiwan, Australia, Europe, and Asia. Unlike most of the group’s malware, MQsTTang doesn’t seem to be based on existing families or publicly available projects.