LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

Intel Name: LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

Date of Scan: December 22, 2025

Impact: High

Summary:
LongNosedGoblin is a newly identified China-aligned APT group focused on cyberespionage against governmental institutions in Southeast Asia and Japan. Active since at least September 2023, the group leverages Windows Group Policy to deploy malware and move laterally within compromised networks, while using cloud services like OneDrive and Google Drive for command-and-control. Its custom toolset includes NosyHistorian for profiling targets via browser history and follow-on deployment of backdoors such as NosyDoor, along with additional spyware tools for data theft and monitoring.
