Silent Lynx is a sophisticated threat group identified by Seqrite analysts, known for its espionage campaigns against government entities in Central Asia. Tracked since 2024, the group goes by various aliases such as YoroTrooper and Sturgeon Phisher. It routinely conducts spear-phishing campaigns that target government employees, using fabricated communications about summit meetings to distribute weaponized payloads.
The operations span several nations, including Tajikistan and Azerbaijan, aligning with diplomatic interests. Seqrite documented two notable campaigns in 2025, which, while using similar methodologies, targeted distinct geopolitical relationships. The group's methodology includes a multi-stage infection process that uses deceptive files to execute obfuscated scripts, showing strong operational security despite some identifiable mistakes.
Furthermore, advanced implants such as Silent Loader and SilentSweeper are employed to maintain remote access and control over compromised systems. The group’s persistent TCP connections and use of sophisticated tools underline the serious threat to diplomatic entities and highlight the need for heightened defenses against such targeted attacks.
👉 Read the original: Cyber Security News