Mustang Panda hits India's banking sector and Korea geopolitics

4/30/20261 min read

A sleek laptop with a shield icon on the screen, symbolizing online security and cyber awareness.
A sleek laptop with a shield icon on the screen, symbolizing online security and cyber awareness.

Cybersecurity researchers have identified a new variant of the known malware LOTUSLITE, which is being spread through a theme linked to India’s banking sector.

“The backdoor connects to a command-and-control server using dynamic DNS over HTTPS and enables remote shell access, file handling, and session control. This suggests it is designed for ongoing espionage activities rather than financial gain,” said Acronis researchers Subhajeet Singha and Santiago Pontiroli in their analysis.