Trusted DesignAnalysis of OceanLotus activities from 2024-2026 reveals a strategic shift toward domestic espionage within Vietnam. The Vietnam-aligned APT group conducted two distinct campaigns using the SPECTRALVIPER backdoor: a supply-chain attack compromising FireAnt Metakit stock trading platform from October 2025 to March 2026, and a prolonged intrusion into a Vietnamese infrastructure and transport construction corporation from mid-2024 through January 2026. The FireAnt compromise exploited the platform's insecure update mechanism, targeting stock investors with selective deployment. This operational pivot coincides with Vietnam's Blazing Furnace anti-corruption campaign, suggesting possible alignment with domestic investigative efforts against financial crime. The group continues demonstrating sophisticated tactics despite public exposure of its front company in 2020, maintaining technical innovation in tooling and infrastructure.
Created: 2026-06-11
Indicatorsは見つかっていない。
類似するPulseは見つかりませんでした。
事実ベースの脅威アクターは見つかりませんでした。
推論ベースの脅威アクターは見つかりませんでした。
このPulseに見つかったCVEはありません。