SiestaGraph And DoorMe Backdoors Used To Target ASEAN Member Foreign Ministry

December 21, 2022

Multiple threat actors are suspected to be behind attacks focused on the Foreign Affairs office of an ASEAN member. The adversaries likely took advantage of a flaw in an Internet-facing Microsoft Exchange server for initial access. The DoorMe and SiestaGraph backdoors, along with a Cobalt Strike beacon and multiple Windows binaries, were used to move laterally, exfiltrate sensitive data, and perform reconnaissance.