Operation Peek-A-Baku: Silent Lynx APT Exploits LNK Flaws to Deploy Reverse Shells via GitHub Against Central Asian Diplomacy

Seqrite Labs’ APT Team exposed the espionage activities of Silent Lynx, a threat group conducting phishing campaigns targeting diplomatic and infrastructure entities in Central and South Asia. Their operations focus on regional summits and strategic projects, with potential expansion to other diplomatic events.

Key points

  • Silent Lynx engages in spear-phishing campaigns targeting government entities in Central and South Asia.
  • The group leverages geopolitical events to craft convincing phishing lures, such as malicious RAR archives.
  • Their payloads include PowerShell-based reverse shells, Silent Loader, Laplas, and SilentSweeper implants.
  • Shared infrastructure and coding patterns link multiple campaigns to Silent Lynx, with C2 servers in Russia and the Netherlands.
  • The threat actor primarily focuses on geopolitical intelligence gathering related to diplomatic summits and infrastructure projects.

Read More: https://securityonline.info/operation-peek-a-baku-silent-lynx-apt-exploits-lnk-flaws-to-deploy-reverse-shells-via-github-against-central-asian-diplomacy/