DoNot APT Group Targets European Foreign Ministry with LoptikMod Malware

The DoNot APT group, associated with India, conducted a spear-phishing attack against a European foreign ministry, utilizing a new malware called LoptikMod. This campaign, detailed by Trellix, highlights the group's ongoing cyberespionnage efforts. While the specific impact of the attack remains undisclosed, the targeting of a foreign ministry suggests a focus on intelligence gathering. The use of a new malware variant indicates the group's adaptation to evade detection. This incident underscores the persistent threat of state-linked APT groups and the necessity for robust cybersecurity defenses, including advanced email filtering, security awareness training, and endpoint detection and response solutions. Cybersecurity professionals must remain vigilant and proactive in their defense strategies to counter such sophisticated threats.