ESET researchers discovered a cyberespionage campaign that targeted Tibetans through a watering hole attack on a website related to the Monlam Festival in India and through a supply chain compromise of Tibetan language software. The attackers used malicious downloaders and backdoors like MgBot and Nightdoor to compromise website visitors and software users. The campaign aimed to steal data from targets in India, Taiwan, Hong Kong, Australia, and the US.

Click for details.