CyberSum logo
Back

Silent Lynx Espionage Campaigns Target Diplomatic Entities

Cyber Security News by CyberSum.net
2 sources
Seqrite Labs’ APT Team has documented new campaigns from Silent Lynx, a sophisticated threat actor group known for spear-phishing operations targeting diplomatic and governmental employees. The group, also known as YoroTrooper and Sturgeon Phisher, continues its espionage activities with minimal operational security improvements. The latest campaigns, dubbed Operation Peek-A-Baku, focus on monitoring geopolitically sensitive events and targeting entities involved in cross-border infrastructure projects. The group uses malicious RAR archives and PowerShell-based reverse shells hosted on GitHub repositories to maintain persistence. Researchers believe the primary objective is gathering intelligence related to high-level diplomatic engagements.

Also Read

Yurei Ransomware Emerges: Double-Extortion Model Threatens Corporations

Security researchers at AhnLab have identified Yurei, a new ransomware group operating since September 2025. Yurei uses a double-extortion model, encrypting data and demanding ransom for stolen information. Unlike many modern ransomware groups, Yurei operates independently without relying on Ransomware-as-a-Service (RaaS) ecosystems. The malware, written in Go, performs encryption with minimal preparation and uses a dual-layer cryptographic model. Yurei’s attacks have impacted organizations in various industries, including transportation, IT software, marketing, and food and beverage. The ransom note threatens to leak or sell stolen data if victims fail to respond within five days.

By Cyber Security News by CyberSum.net