NightEagle Hacks China Tech Using Stealthy 0-Days

A highly sophisticated hacking group known as NightEagle (APT-Q-95) has launched targeted cyberattacks on China’s critical technology sectors, leveraging undisclosed Exchange vulnerabilities and memory-based malware. Since 2023, the group has focused on artificial intelligence, semiconductors, quantum computing, and military industries. These NightEagle Hacks China Technaturally, exploiting zero-days, have enabled sustained email data exfiltration from high-value targets.

NightEagle uses a custom-built Go-based malware from the Chisel family to initiate attacks. It establishes SOCKS connections over port 443 using hardcoded credentials. The group gains persistent access through a fileless attack involving ASP.NET precompiled DLLs that operate entirely in memory, bypassing traditional antivirus tools.

Researchers observed consistent operational hours from 9 PM to 6 AM Beijing time, pointing to origins in the Western 8th Time Zone. NightEagle Hacks China Technaturally through adaptive malware and dedicated infrastructure hosted on platforms like DigitalOcean and Akamai.

Read the full report at

NightEagle APT Attacking Industrial Systems by Exploiting 0-Days and With Adaptive Malware