Operation Lotus Blossom

Persistent Cyber Espionage Campaign Targets Southeast Asian Government and Military Networks

It appears that your browser does not support viewing PDF's inline, please click the download button to view it.

Get Updates

Sign up to receive emails with the latest news, research, and reports from Unit 42.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.


Recommended Resources

Unit 42 Report - Ransomware: Unlocking the Lucrative Criminal Business Model

Download the report to learn about the rise of ransomware, how adversaries are refining and improving their tactics, and what you can do to better defend your organization against them.
Santa Clara, CA, USA
  • 1
  • 11751

SilverTerrier: The Rise of Nigerian Business Email Compromise

Through our analysis, it remains clear that Nigerian cyber actors will continue to expand their attacks in terms of size, scope and capabilities. According to law enforcement organizations, the exposed losses to businesses worldwide from these threat actors are now estimated to be more than US$3 billion. Given the substantial risk these actors pose, we present techniques to enable large-scale attribution efforts to combat this threat. In doing so, we demonstrate a repeatable and sustainable process to identify SilverTerrier infrastructure and put preventive measures in place prior to the first samples of malware reaching our security products.
  • 0
  • 2919

Application Usage and Threat Report

The AUTR provides visibility into the real-world threat and application landscape, helping security teams to understand how adversaries are attempting to attack organizations around the world and build proactive, actionable controls. Built by the Unit 42 threat research team, the report correlates data from more than 7,000 enterprise organizations, providing broad visibility into critical trends.
Santa Clara
  • 29
  • 8847

SILVERTERRIER: The Next Evolution in Nigerian Cybercrime

Unit 42 tracks Nigerian Threat Actors and finds they've evolved into capable and formidable adversaries successfully attacking major companies and governments.
  • 0
  • 983

BackStab: Mobile Backup Data Under Attack From Malware

Unit 42 has recently identified malware exploiting an attack technique we have named “BackStab,” in which attackers can capture private information from backup files stored on a Windows PC or Macintosh. Under default conditions, iOS devices plugged into a computer running iTunes may create an unencrypted backup file that contains many types of private information. Forensics experts have known about these backups for years and have used them to capture phone data without requiring direct access to the phone. We have found that malicious attackers are now using malware to steal data using this same technique.
Santa Clara, CA
  • 27
  • 1686