Share:

JAKARTA - Kaspersky's Global Research & Analysis Team analyzed several new cyber attack waves carried out by the SilverFox group, which have been observed since December 2025.

The APT campaign involves disguising malicious files as documents related to tax violations, and targets companies in India, Indonesia, South Africa, and Russia in the industrial, consulting, trading, and transportation sectors.

In the action, the attacker will create a phishing email designed to look like an official tax audit notification to encourage the recipient to download an archive containing a fake "list of tax violations".

"The group exploits users' tendency to trust communications from official institutions, such as tax authorities," said senior security researcher at Kaspersky GReAT, Anton Kargin.

By utilizing the authority and urgency of communication from the tax agency, the threat actors aim to persuade the victim to download the file and trigger the attack chain. Between January and February alone, more than 1,600 malicious emails have been recorded.

The threat actor expanded its toolkit by deploying a new Python-based backdoor, called ABCDoor. This software allows attackers to upload and download files, as well as remotely control infected systems.

In addition, ABCDoor can also stream multiple victim screens simultaneously in near real time, access the clipboard, and update itself.

"This increases the overall risk posed by the attack, as it can help minimize the possibility of detection and disruption throughout the attack chain," he added.

To stay safe, Kaspersky recommends that organizations:

Regularly increase the level of digital literacy of employees Use solutions that can automatically block suspicious emails, scan password-protected archives Provide access to cybersecurity specialists to cyber threat intelligence Protect the company's infrastructure from various threats by using security solutions that provide real-time protection, threat visibility, investigation, and advanced response capabilities.

The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)

Tag: kaspersky kejahatan siber serangan siber

Most Popular Tags

#Prabowo Subianto #donald trump #Hajj pilgrimage 2025 #public school #bgn #konflik timur tengah

Popular

'Momen ChatGPT' for Physical AI Still Needs 5 Years
| TECHNOLOGY

'Momen ChatGPT' for Physical AI Still Needs 5 Years

08 Juni 2026, 23:45
Bamsoet encourages cooperation between Indonesian and Russian oil and gas, targeting supply and technology
| NEWS

Bamsoet encourages cooperation between Indonesian and Russian oil and gas, targeting supply and technology

08 Juni 2026, 23:22
BYD Great Tang Ready to Launch, 7-Seat Electric SUV Claims to Reach 950 Km
| MOBIL

BYD Great Tang Ready to Launch, 7-Seat Electric SUV Claims to Reach 950 Km

08 Juni 2026, 23:30
Hundreds of Medical Errors Occur in England, There Are Parts of the Body That Are Operated Wrongly
| INFO SEHAT

Hundreds of Medical Errors Occur in England, There Are Parts of the Body That Are Operated Wrongly

08 Juni 2026, 22:45
Sources of Fat for Mpasi that are Easy to Get
| KESEHATAN

Sources of Fat for Mpasi that are Easy to Get

08 Juni 2026, 22:54