Silent Lynx Espionage Campaigns Target Diplomatic Events

Seqrite Labs’ APT Team has documented new campaigns from Silent Lynx, a sophisticated threat actor group known for spear-phishing operations targeting diplomatic and governmental employees. The group, also known as YoroTrooper and Sturgeon Phisher, continues its espionage activities with minimal operational security improvements. The latest campaigns, dubbed Operation Peek-A-Baku, focus on monitoring geopolitically sensitive events and targeting entities involved in strategic cooperation agreements and infrastructure projects. The group uses malicious RAR archives and PowerShell-based reverse shells hosted on GitHub repositories to maintain persistence. Researchers believe the group’s primary objective is gathering intelligence related to high-level diplomatic engagements.

Latest mentioned: 11-05

Earliest mentioned: 11-04

Sources

gbhackers.com securityonline.info

Also Read

Kimsuky and Lazarus Deploy New Malware in Cyber Espionage

The Kimsuky group has been found using a new backdoor called HttpTroy, while the Lazarus Group has deployed an upgraded BLINDINGCAN RAT. Both campaigns show advanced obfuscation and persistence techniques, targeting victims in multiple regions. The Kimsuky attack used a phishing email with a VPN invoice lure, leading to a multi-stage infection. The Lazarus Group's attack, detected mid-chain, involved a new Comebacker variant and targeted two victims in a country.

11-04Read more →