216.73.216.86

Operation Peek-a-Baku: Silent Lynx APT Targets Dushanbe with Espionage Campaign

· Published 05/11/2025 12:36 · Modified 05/11/2025 21:49

Export JSON

Essential information

Published
05/11/2025 12:36
Modified
05/11/2025 21:49
Tags
.net 2025-11-05 apt azerbaijan central asia china espionage laplas ligolo-ng powershell reverse shell russia silent loader silentsweeper
Related entities
1 intrusion sets (apt), 10 techniques (mitre), 11 others

Description

The Silent Lynx group has been conducting campaigns targeting Central Asian nations, , , and . Two main campaigns were identified: one focusing on - relations and another on - relations. The group uses various malware including scripts, .NET implants, and C++ reverse shells. They leverage spear-phishing with malicious attachments, GitHub-hosted payloads, and scheduled tasks for persistence. The campaigns aim to gather intelligence on diplomatic communications, transportation projects, and other strategic initiatives. Silent Lynx shows a pattern of targeting summit meetings and infrastructure deals in the region, with a particular focus on events in Dushanbe, Tajikistan.

External references