top of page
ALL POSTS
Mustang Panda Deploys Enhanced LOTUSLITE Backdoor Against India and South Korea
Key Findings Mustang Panda, a China-linked hacking group, launched coordinated campaigns in March 2026 targeting India's financial sector and South Korean policy circles The group deployed an updated LOTUSLITE v1.1 backdoor with improved obfuscation techniques and modified command structures Indian banking workers were targeted via fake HDFC Bank support files, while South Korean diplomats received spear-phishing emails impersonating a former US National Security Council offi
Apr 223 min read
Targeted Indian Users in Tax Phishing Campaign Delivering Blackmoon Malware
Key Findings: Ongoing campaign targeting Indian users with a multi-stage backdoor as part of a suspected cyber espionage operation Phishing emails impersonating the Income Tax Department of India to trick victims into downloading a malicious archive Malware known as Blackmoon (aka KRBanker) and a legitimate enterprise tool called SyncFuture TSM used as the final payload Sophisticated attack involving anti-analysis, privilege escalation, DLL sideloading, commercial-tool repurp
Jan 262 min read
India Mandates Linking Messaging Apps to Active SIM Cards to Combat Fraud
Key Findings India's Department of Telecommunications (DoT) has ordered messaging apps to work only with active SIM cards linked to users' phone numbers to prevent fraud and misuse. The amendment to the 2024 Telecom Cyber Security Rules aims to curb fraudulent activities such as phishing, scams, and cyber fraud by preventing the misuse of telecom identifiers. Messaging apps have 90 days to implement the changes and 120 days to report compliance. Background The DoT has observe
Dec 3, 20251 min read
bottom of page
