Kaspersky's GReAT has uncovered the evolving tactics of the Mysterious Elephant APT group, which targets government entities across South Asia and the Asia-Pacific region with custom malware and spear-phishing campaigns. The group's use of custom malware, WhatsApp data exfiltration, and modified open-source tools highlights its advanced operational capabilities. #MysteriousElephant #APT
Key points
- Mysterious Elephant is an advanced APT group engaging in cyber espionage against South Asian government agencies.
- The group employs custom malware, modified open-source tools, and modular attack kits to maintain stealth.
- Their operations include spear-phishing impersonating diplomatic communications and targeting WhatsApp data.
- Tools like BabShell and MemLoader HidenDesk enable remote control and in-memory payload execution, avoiding detection.
- Infrastructure relies on VPS and cloud services, which complicates tracking and attribution and lets the group scale operations.