Summary: A newly identified threat actor, Silent Lynx, has been linked to cyber attacks against various entities in Kyrgyzstan and Turkmenistan, employing sophisticated strategies for espionage. The attacks target embassies, law firms, and government banks and begin with spear-phishing emails containing malicious attachments. The threat group demonstrates advanced multi-stage attack methods, drawing parallels with other known cyber adversaries.
Affected: Entities in Kyrgyzstan and Turkmenistan, including embassies, legal firms, banks, and think tanks
Key points:
- Silent Lynx conducts cyber attacks primarily through spear-phishing emails with malicious RAR file attachments.
- The group’s tactics involve using ISO files, C++ binaries, and PowerShell scripts for remote access and data exfiltration.
- There are notable tactical overlaps with YoroTrooper, suggesting a wider threat landscape within the Commonwealth of Independent States (CIS).
Source: https://thehackernews.com/2025/02/silent-lynx-using-powershell-golang-and.html