Black & White Path

Jun 12, 2026 · Information Security

How OceanLotus Hijacked Vietnam's Stock App Update Server to Deploy the SPECTRALVIPER Backdoor

ESET uncovered a six‑month supply‑chain poisoning campaign in which the OceanLotus APT group compromised the FireAnt Metakit update server, delivered a malicious SPECTRALVIPER backdoor to Vietnamese investors, and highlighted critical flaws in unsigned software updates.