Palo Alto Networks

Lotus Blossom

Emissary Trojan Changelog: Did Operation Lotus Blossom Cause It to Evolve?

In December 2015, Unit 42 published a blog about a cyber espionage attack using the Emissary Trojan as a payload. Emissary is related to the Elise Trojan and the Operation Lotus Blossom attack campaign, which prompted us to start collecting additional samples of Emissary.

The oldest sample we found was created in 2009, indicating this tool has been in use for almost seven years. Of note, this is three years earlier than...

Feb 03, 2016

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.