The cybersecurity landscape has witnessed a significant shift as the threat actor group UnsolicitedBooker has been reported targeting telecommunications companies in Kyrgyzstan and Tajikistan, departing from their previous focus on Saudi Arabian entities. Their latest campaign involves the deployment of two sophisticated backdoors, LuciDoor and MarsSnake, as detailed in a comprehensive report by Positive Technologies. This change in target demographic could suggest a strategic pivot, potentially exploring vulnerabilities within less fortified infrastructures in Central Asia.
For businesses in the telecommunications sector, particularly in regions identified as targets, this development underscores the urgent need for enhanced cybersecurity measures. The use of advanced backdoors like LuciDoor and MarsSnake indicates that attackers are employing increasingly sophisticated techniques to compromise systems. Organizations must prioritize robust threat detection and response strategies, alongside employee training to recognize potential phishing attempts or other vectors for cyber infiltration. This situation highlights not only the evolving nature of cyber threats but also the critical importance of adaptive security frameworks that can respond to emerging vulnerabilities, ensuring that businesses remain resilient against targeted attacks.
---
*Originally reported by [The Hacker News](https://thehackernews.com/2026/02/unsolicitedbooker-targets-central-asian.html)*