APT24, a Chinese threat actor, has conducted a three-year cyber espionage campaign using BADAUDIO, a highly obfuscated first-stage downloader. The group has evolved from broad strategic web compromises to more sophisticated tactics, including supply chain attacks and targeted phishing. They compromised a Taiwanese digital marketing firm, affecting over 1,000 domains. APT24 uses advanced techniques like control flow flattening, fingerprinting, and covert data exfiltration. The malware integrates with Cobalt Strike Beacon and employs DLL Search Order Hijacking for execution. The campaign demonstrates the actor's persistent and adaptive capabilities, highlighting the growing sophistication of Chinese cyber threats.