TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign

Chinese-affiliated cyber attackers, dubbed TIDRONE, have targeted Taiwanese drone manufacturers in an espionage-focused campaign employing custom malware like CXCLNT and CLNTEND. Details of intrusion methods remain unclear, but the assault appears to include a supply chain attack. The malware is triggered through rogue DLLs in MS Word, enabling data harvesting and control, including disabling antivirus protections. The attack signals a probable tie to an unidentified Chinese-speaking threat group.