Date: 2025-07-10
New DoNot Team attacks set sights on Europe
Suspected Indian advanced persistent threat operation DoNot Team, also known as APT-C-35, SECTOR02, Origami Elephant, and Viceroy Tiger, has sought to compromise a foreign affairs ministry in Europe with the LoptikMod remote access trojan as part of a likely cyberespionage campaign, according to The Hacker News.
DoNot Team sent malicious emails purporting to be from defense officials to lure recipients into clicking a Google Drive link that downloads a RAR archive containing a malicious PDF-spoofing document, which eventually leads to execution of the LoptikMod malware, a report from the Trellix Advanced Research Center showed. Besides stealing data, installing other modules, receiving further commands, and sending system information, LoptikMod keeps the compromise covert through ASCII obfuscation and anti-virtual machine tactics, said researchers, who noted that the campaign's command-and-control server was inactive. "While historically focused on South Asia, this incident targeting South Asian embassies in Europe, indicates a clear expansion of their interests towards European diplomatic communications and intelligence," researchers added.
