Evasive Panda leverages Monlam Festival to target Tibetans

ESET researchers discovered a cyberespionage campaign that targeted Tibetans through a watering hole attack on a website related to the Monlam Festival in India and through a supply chain compromise of Tibetan language software. The attackers used malicious downloaders and backdoors like MgBot and Nightdoor to compromise website visitors and software users. The campaign aimed to steal data from targets in India Taiwan Hong Kong Australia and the US.