One hacker group called “Lancefly” used a customized version of the virus named “MerDoor” to target critical systems that are in public, aviation and telecommunication sector located in South and Southeast Asia.

According to a known cybersecurity research company, “Lancefly” group infiltrates to high potential networks for data excavation using techniques such as keylogger or similar types of viruses since 2018. They also infect as many hosts as possible inside the network they’ve exploited.

The research company reports, main of the monitored attacks are espionage. They persist in the target establishment’s network and try to steal any data that they deem vaulable.

They use various kind of techniques for their first attack vector to get into the target’s network. These can be email phishing, SSH key brute force attack or exploiting a public faced server for unauthorized access.

Some of the precautions we should take to protect ourselves from such attacks;

• Untrusted e-mails should not be opened,

• Multi-factor authentication should be used,

• Passwords created must be sufficiently complex,

• Advanced Anti-Virus applications should be used.