Lotus Blossom
G00300 reportsaliases · Lotus Blossom · DRAGONFISH · Spring Dragon · RADIUM · Raspberry Typhoon · Bilbug · Thrip
0
Reports
0
Techniques
0
Tactics
0
Countries
n/a
Hunt coverage
7
Aliases
Analyst assessment — key judgments
- No recorded activity: 0 report(s) in last 30d vs 0 prior (+0%).
- Assessment confidence: n/a.
Activity & trend
InactiveLast 30d: 0 vs 0 prior (+0%)
0
7d
0
30d
0
90d
0
All
0.0
Rpts/wk
Reporting timeline · 12 months
Overview
Analyst triage
Intelligence summary
Lotus Blossom is a long-standing threat group largely targeting various entities in Asia since at least 2009. In addition to government and related targets, Lotus Blossom has also targeted entities such as digital certificate issuers.(Citation: Lotus Blossom Jun 2015)(Citation: Symantec Bilbug 2022)(Citation: Cisco LotusBlossom 2025)
Top co-occurring indicators
Aliases & naming
Targeting · countries
Targeting · named victims
ATT&CK technique matrix
Coverage vs hunt library:
—
Hunt-coverage gaps — prioritized
Top techniques by observation
- No ATT&CK techniques associated yet.
Threat catalogue · engineering roadmap
Flagged detection-engineering queue
Uncovered techniques you flagged for hunt / detection build-out, aggregated across every actor you visit. Stored locally in your browser.
Infrastructure
IOC type mix
Tooling / malware families
Relationships
Activity
30-day mention timeline
Recent reporting
| Title | Source | Severity | Collected |
|---|