https://community.isc2.org/t5/Threats/Small-countries-are-jumping-on-the-hacking-tool-bandwagon/m-p/42374#M231 <P>the Red Drip team reported that APT36 was using a decoy health advisory document to spread a Remote Administration Tool (RAT).</P> Mon, 11 Jan 2021 04:34:47 GMT Andrade265 2021-01-11T04:34:47Z https://community.isc2.org/t5/Threats/Small-countries-are-jumping-on-the-hacking-tool-bandwagon/m-p/42296#M228 <P>Hi All</P><P>&nbsp;</P><P>Not immediately obvious, but countries with less resources, are now jumping on the cyber security hacking and using tools readily available against their own people and other countries:</P><P>&nbsp;</P><P><A href="https://www.darkreading.com/vulnerabilities---threats/even-small-nations-have-jumped-into-the-cyber-espionage-game/d/d-id/1339846?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple" target="_blank">https://www.darkreading.com/vulnerabilities---threats/even-small-nations-have-jumped-into-the-cyber-espionage-game/d/d-id/1339846?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Mon, 09 Oct 2023 09:45:19 GMT https://community.isc2.org/t5/Threats/Small-countries-are-jumping-on-the-hacking-tool-bandwagon/m-p/42296#M228 Caute_cautim 2023-10-09T09:45:19Z https://community.isc2.org/t5/Threats/Small-countries-are-jumping-on-the-hacking-tool-bandwagon/m-p/42374#M231 <P>the Red Drip team reported that APT36 was using a decoy health advisory document to spread a Remote Administration Tool (RAT).</P> Mon, 11 Jan 2021 04:34:47 GMT https://community.isc2.org/t5/Threats/Small-countries-are-jumping-on-the-hacking-tool-bandwagon/m-p/42374#M231 Andrade265 2021-01-11T04:34:47Z https://community.isc2.org/t5/Threats/Small-countries-are-jumping-on-the-hacking-tool-bandwagon/m-p/42375#M232 <P><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/716813721">@Andrade265</a>that is disturbing <A href="https://www.varonis.com/blog/apt-groups/" target="_blank" rel="noopener">https://www.varonis.com/blog/apt-groups/</A></P><P>&nbsp;</P><P>Mythic Leopard has been linked to Pakistan and mainly focuses its resources on hacking and spear-phishing Indian government entities. The driving force behind these attacks is espionage to gain intelligence from the Indian government, military and other private Indian sectors. Using spear-phishing emails, Mythic Leopard was able to <A href="https://cysinfo.com/cyber-attack-targeting-cbi-and-possibly-indian-army-officials/" target="_blank" rel="noopener noreferrer">infect targets</A> using a malicious Excel file.</P><UL><LI>Origin: Pakistan</LI><LI>Established: 2016</LI><LI>Primary Targets: India and the Indian Army</LI><LI>Weapon of Choice: Social Engineering</LI></UL><P>Previously, they would have used proxies to do their dirty work or paid for others to carry it out.</P><P>&nbsp;</P><P>Plus the fact that Pakistan and India have a long standing hatred of each other too.</P><P>&nbsp;</P><P><SPAN>Indian governmental defense organizations and their personnel are the latest victims of APT36, a Seqrite article reports. Fake profiles of attractive women are used as bait in honey traps set up by APT36. Those that visit the fake profiles receive emails with attachments or are engaged in conversations over messaging applications where they are presented with links to malware or the malware itself. Once the victim opens the attachment, Crimson RAT is subsequently installed on their system. Crimson RAT is known for stealing data and reporting it back to its command and control servers. This campaign has been labeled "Operation Honey Pot" by Seqrite. For full technical details of this campaign, please see the link in the Reference section below.</SPAN></P><P>&nbsp;</P><UL class="public-DraftStyleDefault-ul"><LI><DIV class="public-DraftStyleDefault-block public-DraftStyleDefault-ltr"><A href="https://www.seqrite.com/blog/operation-honey-trap-apt36-targets-defense-organizations-in-india/" target="_blank" rel="noopener noreferrer"><SPAN>https://www.seqrite.com/blog/operation-honey-trap-apt36-targets-defense-organizations-in-india/</SPAN></A></DIV></LI></UL><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Cautim_Caute</P> Mon, 11 Jan 2021 04:55:50 GMT https://community.isc2.org/t5/Threats/Small-countries-are-jumping-on-the-hacking-tool-bandwagon/m-p/42375#M232 Caute_cautim 2021-01-11T04:55:50Z