malware • high • Lua-based Malware • Spear Phishing • LucidRook • UAT-10362

Apr 09, 2026 • The Hacker News

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns


Source: The Hacker News
Category: malware
Severity: high

Executive Summary

A newly identified threat cluster, UAT-10362, is conducting spear-phishing campaigns against Taiwanese NGOs and suspected universities. The threat actor deploys LucidRook, a sophisticated Lua-based malware stager that embeds a Lua interpreter and Rust-compiled libraries within a DLL. This malware functions as a downloader to facilitate further payload delivery. The campaigns demonstrate advanced technical capabilities with multi-language compilation techniques. Organizations in Taiwan, particularly NGOs and academic institutions, should enhance email security controls, implement robust phishing detection, and conduct security awareness training to mitigate this emerging threat. Attribution remains unclear as UAT-10362 has no established threat actor linkages.

Summary

A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and


Linked Entities

  • LucidRook
  • UAT-10362