LanceflyLancefly
Also known as: Lancefly
Known aliases
1
Profile
Lancefly targets government, aviation, and telecom organizations in South and Southeast Asia. They use a custom backdoor named Merdoor, developed since 2018, and employ various tactics to gain access, including phishing emails, SSH credential brute-forcing, and exploiting server vulnerabilities. Additionally, Lancefly has been observed using a newer version of the ZXShell rootkit and tools like PlugX and ShadowPad RAT, which are typically associated with Chinese-speaking APT groups.
Aliases· 1
Lancefly
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.