<ciso brief/>
Tag Banner

All news with #anondoor tag

all tags →

Thu, October 2, 2025

Confucius Espionage: Evolution from Stealer to Backdoor

#Threat Report #WooperStealer #AnonDoor #Backdoor Found #Data Exfil via Tools #DLL Sideloading

🔐 FortiGuard Labs documents the Confucius espionage group’s shift from document-stealing malware to a stealthy Python-based backdoor targeting Microsoft Windows. Recent campaigns used spear-phishing with weaponized Office PPSX files, malicious LNK loaders, and staged PowerShell installers to deploy runtimes and execute AnonDoor modules. The actor leveraged DLL side-loading, scheduled tasks, and HKCU registry Load persistence to maintain stealth and periodic execution. Fortinet urges layered defenses, updated signatures, and user training to mitigate these threats.

read more →