The threat actor known as Confucius has been attributed to a new phishing campaign that has targeted Pakistan with malware families like WooperStealer and Anondoor.

"Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and critical industries -- especially in Pakistan – using spear-phishing and malicious documents as initial access vectors," Fortinet FortiGuard Labs researcher Cara Lin said .

Confucius is a long-running hacking group that's believed to have been active since 2013 and operating across South Asia. Recent campaigns undertaken by the threat actor have employed a Python-based backdoor called Anondoor, signaling an evolution of the group's tradecraft and its technical agility.

One of the attack chains d

See Full Page