× EU ICT Risk Newsroom DORA News On the Horizon ΑΙ Cybersec Space Cyber Alerts GDPR News EU CERT Advisories ICT Governance ESA/NCAs Contact

HazyBeacon malware targets SE Asian governments via AWS Lambda for data theft.

Newsroom - 15 July 2025 - 14:08

Governmental organizations in Southeast Asia are the target of a new campaign that aims to collect sensitive information by means of a previously undocumented Windows backdoor dubbed HazyBeacon. The activity is being tracked by Palo Alto Networks Unit 42 under the moniker CL-STA-1020, where "CL" stands for "cluster" and "STA" refers to "state-backed motivation." "The threat actors behind this"

HazyBeacon malware targets SE Asian governments via AWS Lambda for data theft.

Governmental organizations in Southeast Asia are the target of a new campaign that aims to collect sensitive information by means of a previously undocumented Windows backdoor dubbed HazyBeacon.

The activity is being tracked by Palo Alto Networks Unit 42 under the moniker CL-STA-1020, where "CL" stands for "cluster" and "STA" refers to "state-backed motivation."

HazyBeacon malware AWS Lambda data theft

HazyBeacon malware targets SE Asian governments via AWS Lambda for data theft.

Subscribe for EU DORA and Banking ICT Risk news and insights