Intel Name: Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations
Date of Scan: February 28, 2025
Impact: Medium
Summary: The article “Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations” covers Squidoor (also known as FinalDraft), a sophisticated backdoor targeting Windows and Linux systems. Used by a suspected Chinese threat actor, it collects sensitive information and communicates stealthily over channels such as the Outlook API, DNS tunneling, and ICMP tunneling. The article highlights a new Windows variant and provides insights into its command and control (C2) communication, aiming to help cybersecurity professionals detect and mitigate this threat.