Wednesday 24 September 16:00 - 16:30, Green room
Subhajeet Singha & Sathwik Ram Prakki (Seqrite Labs)
Silent Lynx is a newly identified cyber espionage campaign uncovered by Seqrite Labs in 2025, with a primary focus on government institutions, financial entities, and defence agencies in Central Asia. The attackers leverage spear-phishing emails, impersonating Kyrgyz government and banking officials to gain victims' trust, often delivering malicious RAR attachments that contain ISO files with embedded malware.
The campaign has demonstrated adaptability, utilizing both C++ and Golang-based implants to establish persistent access. Attackers deploy multi-stage infection chains, including obfuscated PowerShell scripts and remote access tools, while relying on compromised email accounts and common cloud services for command-and-control (C2) operations.
This presentation will provide an in-depth analysis of Silent Lynx's tactics, techniques and procedures (TTPs), covering the full infection lifecycle – from phishing lures and decoy documents to malware execution and infrastructure tracking. We will explore the campaign's regional focus, victim selection, and OPSEC failures observed in the attackers' operations.
Additionally, we will discuss our infrastructure-hunting efforts, which led to the discovery of interconnected C2 nodes and attribution links to the YoroTrooper APT, tracing its origins to Kazakhstan. Attendees will gain key insights into Silent Lynx's methodology, technical capabilities, and the broader geopolitical implications of this operation.
Subhajeet Singha is a security researcher at Quick Heal's Security Labs, specializing in threat intelligence, malware research, and reverse engineering. His work focuses on analysing emerging cyber threats, uncovering sophisticated attack campaigns, and enhancing detection mechanisms to strengthen cybersecurity defences. With a deep understanding of malware behaviour and threat actor tactics, Subhajeet actively investigates advanced persistent threats (APTs), reverse-engineers complex malware strains, and contributes to research initiatives that improve industry-wide threat detection. His expertise spans multiple domains, including cyber threat hunting and the development of proactive defence strategies.
Sathwik Ram Prakki works as a security researcher at Quick Heal's Security Labs. His areas of focus are threat intelligence, threat hunting, and writing about detection. He has a background in offensive security & Windows internals and is keen on exploring new detection techniques through reverse engineering and malware research.