PassiveNeuron Cyber Spies Target Organizations With Custom Malware

Explore the 'PassiveNeuron' cyber espionage, targeting sectors globally with advanced malware tools, revealing potential Chinese origins.

By Content Team

Oct 22, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

A sophisticated cyber espionage campaign dubbed "PassiveNeuron" is targeting government, industrial, and financial organizations across Asia, Africa, and Latin America. The attackers deploy two custom malware tools—Neursite and NeuralExecutor—specifically designed to compromise Windows servers.

Kaspersky researchers discovered the campaign in June 2024, with new infections observed through August 2025. The malware focuses on Microsoft SQL Server software, likely exploiting vulnerabilities or brute-forcing database credentials for initial access.

While early clues pointed to Russian actors, researchers now attribute the campaign to Chinese-speaking threat groups with "low confidence," citing similarities to previous EastWind operations and the use of GitHub for command-and-control communications. Organizations should prioritize server security and patch SQL injection vulnerabilities.

Source: Dark Reading

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Major Security Breach Exposes 1.5 Million Users on AI Social Network Moltbook

Feb 1, 2026

Pro-Russia Hackers Target US Critical Infrastructure in New Wave

Dec 28, 2025

Chinese-Linked Hackers Target South Asian Infrastructure with Advanced Malware Arsenal

Jan 11, 2026

House Republican Revives Bill to Sanction Foreign Hackers Targeting US Infrastructure

Dec 2, 2025