VMTech
+381 11 4183 54024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

GoSerpent and DoNot Team: a new wave of espionage attacks against public-sector targets in Asia

GoSerpent and DoNot Team: a new wave of espionage attacks against public-sector targets in Asia

Colleagues, I’d like to draw your attention to a cybersecurity update.

Kaspersky has identified GoSerpent, a previously undocumented malware family targeting government entities and diplomats in Southeast Asia since late 2025.

The campaign is aimed at long-term access, file collection, and credential theft. It uses SOCKS5 proxies, ThumbcacheService, Mimikatz, QuarksDumpLocalHash, Stowaway and TmcLoader/TmcPayload.

Also notable is DoNot Team’s chain against military and defense organizations in Bangladesh: spear-phishing, an RTF document, geofencing, and covert persistence via OneDrive.

Why it matters: these campaigns show how mature espionage and data exfiltration toolsets have become.

How are you strengthening your defenses against such attacks?
#cybersecurity #threatintel #malware #infosec

Current metrics
0Views
0Reach
0Likes
0Comments
0Saved
0Shares

Latest comments

No comments yet.

Instagram

GoSerpent and DoNot Team: a new wave of espionage attacks against public-sector targets in Asia

Open the post on Instagram ↗