A new cyber threat, “Mysterious Elephant,” has emerged in the Asia-Pacific region, as reported by cybersecurity firm Kaspersky in Q2 2023. This malicious actor stands out due to its unique combination of new backdoor families and distinct tactics, techniques, and procedures (TTPs), while also showing similarities to other threat actors like Confucius and SideWinder.
Additionally, the report uncovers details about the long-running “Operation Triangulation” campaign, which utilized an unknown iOS malware platform distributed through zero-click iMessage exploits.
The research also reveals developments within the notorious hacking group Lazarus. They have upgraded their MATA framework and introduced a new variant of the advanced MATA malware family, MATAv5, during Q2 2023.
Another subgroup of Lazarus, BlueNoroff, focused on financial attacks, adopted new delivery methods, and incorporated programming languages like macOS malware and Rust programming.
On a broader scale, Kaspersky highlights that geopolitical influences continue to drive APT activity, with campaigns spread across regions such as Europe, Latin America, the Middle East, and various parts of Asia.
David Emm, principal security researcher at Kaspersky’s Global Research and Analysis Team (GReAT), emphasized the need to stay vigilant and prepared against evolving threats. While some threat actors adhere to familiar tactics like social engineering, others constantly evolve, updating their toolsets and expanding their activities, as observed in the “Operation Triangulation” campaign.
Kaspersky recommends several measures to safeguard against targeted attacks, including timely updates of operating systems and software and providing specialized training for cybersecurity teams. Furthermore, they advise utilizing the latest threat intelligence information and implementing Endpoint Detection and Response (EDR) solutions to effectively combat high-profile attacks and minimize their impact.
