Home/News/OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
The Hacker News2 min read

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack

OceanLotus, a Vietnam-aligned threat actor, launched two distinct campaigns targeting domestic entities and stock investors with a backdoor named SPECTRALVIPER. The first campaign, a cyber espionage operation, ran from mid-2024 to February 2026 and focused on a Vietnamese infrastructure and transport construction corporation. The second campaign involved a supply chain attack, though specific details about its targets and timeline were not fully disclosed in the initial report. The SPECTRALVIPER backdoor is designed to facilitate data exfiltration and maintain persistent access to compromised systems. This operation highlights OceanLotus's continued focus on Vietnamese targets and its use of sophisticated malware to achieve its objectives. The group's activities are part of a broader trend of state-sponsored cyber espionage targeting critical infrastructure and financial sectors.

Original source — read the full reporting at the publisher:

Read on The Hacker News

Read next