| SYMBOL | COMMON_NAME | aka. SYNONYMS |
YoroTrooper’s main targets are government or energy organizations in Azerbaijan, Tajikistan, Kyrgyzstan and other Commonwealth of Independent States, based on Cisco Talos analysis. YoroTrooper was also observed compromising accounts from at least two international organizations: a critical European Union health care agency and the World Intellectual Property Organization. Successful compromises also included Embassies of European countries including Azerbaijan and Turkmenistan.
| 2025-11-03
⋅
Seqrite
⋅
Operation Peek-a-Baku: Silent Lynx APT makes sluggish shift to Dushanbe Laplas (Reverseshell) SilentSweeper YoroTrooper |
| 2025-10-02
⋅
Medium BI.ZONE
⋅
Cavalry Werewolf raids Russia’s public sector with trusted relationship attacks FoalShell StallionRAT YoroTrooper |
| 2025-08-27
⋅
Group-IB
⋅
ShadowSilk: A Cross-Border Binary Union for Data Exfiltration Cobalt Strike YoroTrooper |
| 2025-01-21
⋅
Seqrite
⋅
Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations Unidentified PS 005 (Telegram Bot) YoroTrooper |
| 2023-10-25
⋅
Cisco Talos
⋅
Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan Ave Maria Loda YoroTrooper |
| 2023-03-14
⋅
Cisco Talos
⋅
Talos uncovers espionage campaigns targeting CIS countries, embassies and EU health care agency Poet RAT Loda Kasablanka YoroTrooper |