@Andrade265that is disturbing https://www.varonis.com/blog/apt-groups/
Mythic Leopard has been linked to Pakistan and mainly focuses its resources on hacking and spear-phishing Indian government entities. The driving force behind these attacks is espionage to gain intelligence from the Indian government, military and other private Indian sectors. Using spear-phishing emails, Mythic Leopard was able to infect targets using a malicious Excel file.
- Origin: Pakistan
- Established: 2016
- Primary Targets: India and the Indian Army
- Weapon of Choice: Social Engineering
Previously, they would have used proxies to do their dirty work or paid for others to carry it out.
Plus the fact that Pakistan and India have a long standing hatred of each other too.
Indian governmental defense organizations and their personnel are the latest victims of APT36, a Seqrite article reports. Fake profiles of attractive women are used as bait in honey traps set up by APT36. Those that visit the fake profiles receive emails with attachments or are engaged in conversations over messaging applications where they are presented with links to malware or the malware itself. Once the victim opens the attachment, Crimson RAT is subsequently installed on their system. Crimson RAT is known for stealing data and reporting it back to its command and control servers. This campaign has been labeled "Operation Honey Pot" by Seqrite. For full technical details of this campaign, please see the link in the Reference section below.