Threat Intelligence Report

Same packet, different magic: Mustang Panda hits India's banking sector and Korea geopolitics

📅 April 21, 2026 📰 www.acronis.com 🔍 0 CVE(s) referenced

Mustang Panda has evolved its LOTUSLITE backdoor with new DLL sideloading techniques and thematic lures, shifting its espionage-focused targeting from U.S. government entities to India's banking sector and South Korean policy circles while maintaining consistent code lineage and operational patterns.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle