SECURITYTHE HACKER NEWS
OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
The Vietnam-aligned threat actor OceanLotus has been attributed to two campaigns targeting domestic entities and stock investors in Vietnam using the SPECTRALVIPER backdoor. One campaign involved a prolonged cyber espionage operation against a Vietnamese infrastructure and transport construction corporation from mid-2024 to February 2026, alongside a supply chain attack.
Related Signal
Adjacent reporting
- Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
- Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
- Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
- Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
- Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
- Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware