Chinese APT Campaign Targets Asia-Pacific with FDMTP Backdoor
ID: ca30e0f7-d0d2-528c-bf46-ba2d026ebfc5
STIX ID: report--ca30e0f7-d0d2-528c-bf46-ba2d026ebfc5
Feed Name: ThreatCluster
Chinese APT Mustang Panda is conducting a months-long espionage campaign against organizations in Asia-Pacific and Japan, notably in finance, using an updated FDMTP .NET backdoor (v3.2.5.1). The attackers deliver the payload via DLL sideloading alongside legitimate binaries and use domains impersonating major CDNs. The campaign has been active since September 2025 and continued to be observed into May 2026, with persistence plugins and extended data retrieval behavior.
