OceanLotus’ new Downloader, KerrDown

OceanLotus’ new Downloader, KerrDown

OceanLotus, also commonly referred to as APT32 is one of the most sophisticated threat actors originating out of south east Asia. PaloAlto Networks’ Unit42 have been tracking its use of a new downloader.

Unit42 says:

“While OceanLotus’ targets are global, their operations are mostly active within the APAC region which encompasses targeting private sectors across multiple industries, foreign governments, activists, and dissidents connected to Vietnam.”

The full analysis with indicators can be read here:


Leave a Comment

Your email address will not be published. Required fields are marked *