Summary

The threat actor group UnsolicitedBooker has been identified targeting telecommunications companies in Kyrgyzstan and Tajikistan. This marks a strategic shift from their previous focus on Saudi Arabian entities, utilizing two backdoors named LuciDoor and MarsSnake.

Key Points

• UnsolicitedBooker is targeting telecom companies in Kyrgyzstan and Tajikistan.
• The group previously focused on entities in Saudi Arabia.
• Two backdoors, LuciDoor and MarsSnake, are being deployed in these attacks.
• The findings were reported by Positive Technologies last week.

Analysis

The targeting of telecommunications infrastructure in Central Asia by UnsolicitedBooker indicates a strategic pivot that could have significant implications for regional cybersecurity. The use of backdoors like LuciDoor and MarsSnake suggests a sophisticated approach to gaining unauthorized access and control over critical systems. This development underscores the need for heightened vigilance and robust security measures in the telecommunications sector.

Conclusion

IT professionals in the telecommunications sector, especially in Central Asia, should prioritize the implementation of advanced threat detection and response strategies to mitigate the risks posed by groups like UnsolicitedBooker.