Confucius, a long-standing hacking group operating in South Asia, has initiated a new phishing campaign targeting Pakistan with malware like WooperStealer and Anondoor. Their evolving tactics include DLL side-loading, obfuscated malware, and sophisticated exfiltration methods to evade detection and maintain operational effectiveness. #Confucius #WooperStealer #Anondoor #DLLSideLoading #Pakistan
Key points
- Confucius has been active since 2013, targeting government and military sectors in Pakistan and South Asia.
- The group employs spear-phishing, malicious documents, and DLL side-loading to deliver malware payloads.
- Recent campaigns involve malware families like WooperStealer and the Python-based backdoor Anondoor, which exfiltrate data and execute commands.
- Techniques such as obfuscation and layered malware variants demonstrate the group's adaptability and technical agility.
- Campaigns also include stealthy data exfiltration activities using timed connections to command-and-control servers.
Read More: https://thehackernews.com/2025/10/confucius-hackers-hit-pakistan-with-new.html