Chinese APT Lotus Blossom Delivers Chrysalis Backdoor

Rapid7 Labs and its MDR team disclosed a sophisticated campaign by Chinese APT Lotus Blossom that compromised the Notepad++ distribution infrastructure and delivered a previously undocumented backdoor, Chrysalis. The report details NSIS installer-based delivery, DLL sideloading, custom loaders including a Warbird-protected sample, and custom API-hashing and obfuscation techniques. The findings highlight targeted espionage against government, telecom, and critical infrastructure sectors and include actionable IOCs.
Scoring Rationale
Strong, novel forensic findings from Rapid7 provide actionable detection guidance, limited by low relevance to core AI/ML practitioners.
Sources
- Read Original: The Chrysalis Backdoor: A Deep Dive into Lotus Blossom's toolkit (rapid7.com)