FamousSparrow resurfaces to spy on targets in the US, Latin America


Once thought to be dormant, the China-aligned group has also been observed using the privately-sold ShadowPad backdoor for the first time

The FamousSparrow APT group has infiltrated a trade group in the financial sector in the United States, a research institute in Mexico, and a governmental institution in Honduras, according to new ESET research.

While assisting one of the affected entities with the remediation of the attack, ESET’s experts found that the China-aligned cyberespionage outfit has hit its targets with two previously undocumented versions of its flagship backdoor, SparrowDoor. Importantly, the group was also observed using the ShadowPad backdoor for the first time.

ESET research also shows that FamousSparrow must have been hard at work developing its toolset between 2022 and 2024, which proves that the group did not cease its operations a few years ago, as had previously been thought.

What else is there to know about the group’s recent tactics, techniques, and procedures? Learn from ESET Chief Security Evangelist Tony Anscombe in the video and make sure to read the full blogpost.



