cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Small countries are jumping on the hacking tool bandwagon

Hi All

 

Not immediately obvious, but countries with less resources, are now jumping on the cyber security hacking and using tools readily available against their own people and other countries:

 

https://www.darkreading.com/vulnerabilities---threats/even-small-nations-have-jumped-into-the-cyber-...

 

Regards

 

Caute_Cautim

2 Replies
Andrade265
Viewer

the Red Drip team reported that APT36 was using a decoy health advisory document to spread a Remote Administration Tool (RAT).

Caute_cautim
Community Champion

@Andrade265that is disturbing https://www.varonis.com/blog/apt-groups/

 

Mythic Leopard has been linked to Pakistan and mainly focuses its resources on hacking and spear-phishing Indian government entities. The driving force behind these attacks is espionage to gain intelligence from the Indian government, military and other private Indian sectors. Using spear-phishing emails, Mythic Leopard was able to infect targets using a malicious Excel file.

  • Origin: Pakistan
  • Established: 2016
  • Primary Targets: India and the Indian Army
  • Weapon of Choice: Social Engineering

Previously, they would have used proxies to do their dirty work or paid for others to carry it out.

 

Plus the fact that Pakistan and India have a long standing hatred of each other too.

 

Indian governmental defense organizations and their personnel are the latest victims of APT36, a Seqrite article reports. Fake profiles of attractive women are used as bait in honey traps set up by APT36. Those that visit the fake profiles receive emails with attachments or are engaged in conversations over messaging applications where they are presented with links to malware or the malware itself. Once the victim opens the attachment, Crimson RAT is subsequently installed on their system. Crimson RAT is known for stealing data and reporting it back to its command and control servers. This campaign has been labeled "Operation Honey Pot" by Seqrite. For full technical details of this campaign, please see the link in the Reference section below.

 

 

Regards

 

Cautim_Caute