Cyber Espionage Alert: Tick Group Exploits Critical Motex Lanscope Flaw for System Takeover!

Tick, also known as Bronze Butler, is back in action! Exploiting the critical CVE-2025-61932 flaw in Motex Lanscope Endpoint Manager, they’re dropping backdoors like they’re hot. With a CVSS score of 9.3, this vulnerability allows remote attackers to execute arbitrary commands with SYSTEM privileges. Stay vigilant, because Tick is not just for tocking!

3P
Published: October 31, 2025 2:05 pmAdded: October 31, 2025 at 7:18 amAssembled by: The Editor
Pro Dashboard

Hot Take:

It’s official, the Tick group has ticked off the cybersecurity community once again! With a new vulnerability exploit in Motex Lanscope, these cyber-espionage wizards are proving they have more aliases than a spy in a James Bond movie. Who knew that being a ‘Stalker Panda’ could involve so much tech-savvy villainy?

Key Points:

  • Critical security flaw in Lanscope exploited by Tick group.
  • Vulnerability CVE-2025-61932 allows command execution with SYSTEM privileges.
  • Gokcpdoor backdoor used for proxy connections and malicious command execution.
  • Attack involves DLL side-loading and tools like goddi and Remote Desktop.
  • Tick group’s history of exploiting zero-day flaws is well-documented.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?