Threat Intelligence Report

Inside Red Lamassu’s JFMBackdoor

📅 May 26, 2026 📰 www.pwc.com 🔍 0 CVE(s) referenced

Red Lamassu, a China-based threat actor, is leveraging a sophisticated Windows backdoor dubbed JFMBackdoor—capable of remote access, file and network operations, and stealthy persistence—against telecommunications and government targets across Asia Pacific, using an interconnected infrastructure of bespoke malware and overlapping command-and-control domains.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle