Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia
ID: bf3168fc-4b84-5a5f-82b6-edda04d8253c
STIX ID: report--bf3168fc-4b84-5a5f-82b6-edda04d8253c
Feed Name: Dark Reading
Silver Fox, a China-linked threat actor, ran tax-themed phishing campaigns beginning in December and expanding into Russia and India. The campaigns delivered a previously undocumented Python backdoor called ABCDoor, along with ValleyRAT and a customized RustSL loader. Kaspersky recorded ~1,600 malicious emails. Details include persistence via Run keys and scheduled tasks, C2 over HTTPS using Socket.IO, multimonitor screen streaming via FFmpeg, remote control and data-theft capabilities, and forensic artifacts defenders can monitor.
