top of page
perceptive_background_267k.jpg

WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor

Published:

11 December 2025 at 11:00:00

Alert date:

11 December 2025 at 12:01:11

Source:

thehackernews.com

Click to open the original link from this advisory

The WIRTE APT group, also tracked as Ashen Lepus by Palo Alto Networks, has been conducting espionage campaigns against government and diplomatic entities in the Middle East since 2020. The threat actor uses a previously undocumented malware suite called AshTag, delivered through AshenLoader sideloading techniques. This represents an ongoing advanced persistent threat targeting critical government infrastructure in the region.

Technical details

Mitigation steps:

Affected products:

Related links:

https://thehackernews.com/2025/12/wirte-leverages-ashenloader-sideloading.html

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page