Thai Police Systems Targeted by ‘Yokai’ Backdoor Threat

Published:

spot_img

Rising Cyber Threat: Unmasking the "Yokai" Backdoor Targeting Thai Government Officials

Unknown Hackers Unleash ‘Yokai’ Backdoor Targeting Thai Government Associates

In a striking development, cybersecurity researchers from Netskope have discovered a new malware strain dubbed "Yokai" that is specifically targeting individuals linked to Thailand’s government. This unwieldy backdoor, potentially named after mythical spirits from Japanese folklore or the haunting entities featured in the video game Phasmophobia, raises alarms regarding the safety of sensitive government communication.

The attack, which has been cleverly crafted, involves two shortcut files masquerading as .pdf and .docx documents claiming to be relevant to U.S. government business with Thailand. With titles like "United States Department of Justice.pdf," the bait documents reference a high-profile criminal case connected to Woravit "Kim" Mektrakarn, a fugitive linked to a decades-old disappearance case.

"The lures suggest they are aimed at Thai police," notes Nikhil Hegde, a senior engineer at Netskope. He suggests attackers may aim to infiltrate police systems. When unsuspecting victims open these deceptive documents, they inadvertently download a hidden malware payload through a chain of legitimate Windows operations, utilizing tools like "esentutl" to manipulate alternate data streams—an often-overlooked feature in Windows’ NTFS.

Yokai itself calls home to a command-and-control server and can execute shell commands to steal sensitive data or deploy further malware. Notably, its coding exhibits both sophistication—such as structured command communication—and rough edges, including a tendency to rapidly self-replicate under certain conditions, which can severely hamper system performance.

In this alarming intersection of sophisticated cyber threats and governmental vulnerability, experts are urging increased vigilance and improved cybersecurity protocols for those associated with Thailand’s government.

spot_img

Related articles

Recent articles

Iraq’s Prime Minister Strengthens Energy Ties with U.S. to Attract Major Investments

Iraq's Prime Minister Strengthens Energy Ties with U.S. to Attract Major Investments Iraq's Prime Minister Ali al-Zaidi is set to pursue significant U.S. investments in...

Jesse McGraw (GhostExodus): From Blackhat Hacker to Advocate for Online Child Safety

Jesse McGraw (GhostExodus): From Blackhat Hacker to Advocate for Online Child Safety Jesse McGraw, known in the hacking community as GhostExodus, represents a complex narrative...

Krybit Ransomware Emerges as a Contender in 2026’s Competitive RaaS Landscape Amid Rivalry and Operational Challenges

Krybit Ransomware Emerges as a Contender in 2026's Competitive RaaS Landscape Amid Rivalry and Operational Challenges Krybit Ransomware has quickly positioned itself within the increasingly...

European Parliament Revives Chat Control 1.0, Igniting Privacy Debate Over CSAM Scanning

European Parliament Revives Chat Control 1.0, Igniting Privacy Debate Over CSAM Scanning The recent revival of the Chat Control 1.0 framework by the European Parliament...