Summary: Seqrite Labs APT-Team has identified a new Advanced Persistent Threat group called Silent Lynx, linked to Kazakhstan, targeting government entities in Kyrgyzstan and neighboring nations. The group’s multi-stage campaigns involve sophisticated phishing attacks aimed at gathering intelligence on economic and diplomatic activities. Notably, they focus on crucial organizations like the National Bank of the Kyrgyz Republic, using decoy documents and malicious attachments to facilitate their operations.
Affected: Government entities in Kyrgyzstan and neighboring nations
Keypoints:
- Silent Lynx employs spear-phishing attacks with decoy documents related to UN events to target key government and financial institutions.
- Attacks utilize malicious ISO files and password-protected RAR files with reverse shell executables for data exfiltration.
- The group relies on Telegram for command-and-control operations and has been linked to the Kazakhstan-based group YoroTrooper.
Source: https://securityonline.info/silent-lynx-apt-group-a-new-espionage-threat-targeting-central-asia/