SturgeonPhisher

A new threat cluster named ShadowSilk has targeted government entities across Central Asia and the Asia-Pacific region, with Group-IB reporting 36 identified victims. The operation blends Russian- and Chinese-speaking actors, uses spear-phishing and Telegram-based C2, and leverages a broad toolkit to exfiltrate data from government networks.