malware • high • Spear Phishing • LucidRook • UAT-10362

Apr 09, 2026 • The Hacker News

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns

Source: The Hacker News
Category: malware
Severity: high

Executive Summary

A newly identified threat cluster UAT-10362 is conducting targeted spear-phishing campaigns against Taiwanese non-governmental organizations (NGOs) and universities. The threat actors are deploying LucidRook, a sophisticated Lua-based malware stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL). This malware functions as a downloader/stager to facilitate further payload delivery. The campaign demonstrates advanced technical capabilities and specific targeting of civil society organizations and academic institutions. Organizations in the targeted regions should enhance email security controls, implement user awareness training to recognize spear-phishing attempts, and monitor for indicators of Lua-based malware activity.

Summary

A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and

Linked Entities

  • LucidRook
  • UAT-10362