October 3, 2023

Researchers have spotted a new malicious actor, dubbed Mysterious Elephant, operating in the Asia-Pacific region. The group emerged in the threat landscape in the second quarter of 2023.

Mysterious Elephant exhibits a combination of new backdoor families and distinct TTPs, which set them apart from other groups while also sharing similarities with threat actors like Confucius and SideWinder.

The findings shed more light on the long-running Operation Triangulation campaign, which utilized a previously unknown iOS malware platform distributed through zero-click iMessage exploits.


The research also shows that Lazarus, a notorious hacking group, has upgraded its MATA framework and introduced a new variant of the sophisticated MATA malware family, MATAv5, in Q2 2023. BlueNoroff, a subgroup of Lazarus, focused on financial attacks and adopted new delivery methods and programming languages, including macOS malware and the Rust programming language.

Researchers said geopolitical influences continue to drive APT activity, with campaigns dispersed across regions like Europe, Latin America, the Middle East, and various parts of Asia.

While some threat actors stick to familiar tactics like social engineering, others have evolved, refreshing their toolsets and expanding their activities. New advanced actors, such as those conducting the ‘Operation Triangulation’ campaign, constantly emerge.

Researchers recommended several measures to protect against targeted attacks, including timely updates of operating systems and software and up-skilling cybersecurity teams with specialized training. Companies are advised to use the latest threat intelligence information and implement Endpoint Detection and Response solutions to combat high-profile attacks and minimize the impact of incidents.

The report was documented by researchers from Kaspersky.
