Chinese state hackers plant malware inside Windows

Chinese state hackers are infiltrating operating systems to bypass antivirus detection.


Paulina Okunytė, Senior Journalist
Dec 31, 2025 | Updated: 2 January 2026

How does the malware work?

[Image: toneshell. Source: Kaspersky]

  • Dynamically resolving kernel APIs to avoid static detection
  • Blocking file deletion or renaming attempts targeting its components
  • Preventing access to protected registry keys
  • Intercepting process operations and denying access to security tools
  • Manipulating Microsoft Defender’s WdFilter.sys driver so it never loads

What is Mustang Panda?

Chinese hackers are ramping up attacks
