
Philippines-based military company hit by data theft breach

Incident
Happening score
H score 8
1 unique source, 1 article

Summary


A Philippines-based military company was compromised with the previously undocumented EggStreme fileless framework, leaving an organization tied to sensitive military activity exposed to persistent intrusion. The activity enabled reconnaissance, lateral movement, and data theft, making the compromise significant beyond a simple foothold. Detection traced the operation back to early 2024, and it was publicly described on 2025-09-10.

Related Happenings

EvilAI malware activity spreading through fake AI apps

Malware Activity
First: 11.09.2025 21:37 Last: 11.09.2025 21:37 Sources 1

About this happening: **EvilAI** is a **global malware activity** that uses **fake AI and productivity apps** to infect organizations across **Europe, the Americas, and AMEA**. The campaign has been as...

EggStreme fileless malware framework with DLL sideloading

Malware Activity
First: 10.09.2025 18:46 Last: 10.09.2025 18:46 Sources 1

How related: The EggStreme malware family is a highly sophisticated and multi-component threat designed to achieve persistent access, lateral movement, and data exfiltration.

About this happening: A newly documented **EggStreme** malware activity is enabling **persistent access** and **data exfiltration** on infected systems through a **fileless**, multi-stage framework. Th...

Timeline

  1. 10.09.2025 18:46 2 articles · 8mo ago

    China-linked APT compromises Philippines-based military company with EggStreme

    Initial Disclosure

    Bitdefender attributed the compromise of a Philippines-based military company to a China-linked APT using EggStreme, a previously undocumented fileless malware framework that injects code directly into memory and abuses DLL sideloading. The framework’s core backdoor, EggStremeAgent, supports system reconnaissance, lateral movement, and data theft via an injected keylogger. Bitdefender said it first detected signs of malicious activity in early 2024.
