Mustang Panda Deploys Updated LOTUSLITE Backdoor Against Indian and South Korean Targets

The Chinese state-sponsored threat group Mustang Panda has deployed an updated version of the LOTUSLITE backdoor to target Indian financial institutions and South Korean diplomatic entities. The attack leverages DLL sideloading techniques to execute malicious payloads, as detailed in a report by cybersecurity firm Acronis. No specific dates, CVE IDs, or numerical impact metrics were disclosed in the findings. The campaign focuses on espionage and data exfiltration, though exact operational details remain undisclosed. Mustang Panda’s activities align with previously observed tactics attributed to Chinese advanced persistent threats (APTs).