Security Articles

Mysterious Elephant APT: TTPs and tools

released on 2025-10-15 @ 05:01:46 PM
Mysterious Elephant is a highly active APT group discovered in 2023 that targets government entities and foreign affairs sectors in the Asia-Pacific region. The group has evolved its tactics, using spear phishing, custom-made tools, and open-source tools like BabShell and MemLoader. Its latest campaign, starting in early 2025, shows a shift in TTPs with increased use of new custom tools. Mysterious Elephant exploits WhatsApp communications to steal sensitive data and employs various exfiltration tools. The group primarily targets Pakistan, Bangladesh, and Sri Lanka, using personalized payloads for specific individuals. Its sophisticated approach and continuous adaptation pose a significant threat to national security and global stability.