Indian hacking group is targeting Pakistani embassies in multiple countries
The malware used in these cyber attacks is designed to spy on victims and steal important files.
Official sources have confirmed that an Indian hacking group is targeting Pakistani embassies in multiple nations.
The Pakistan Telecommunication Authority’s (PTA) CERT team issued a notice after it received threats from Avast CERT, which is an APT group from India. The group was involved in targeting numerous Pakistani embassies in countries like Azerbaijan, Nepal, Argentina and Brunei between March and June 2022.
The ‘Confucius’ group spreads its malware by sending phishing emails with PDF attachments that contained links to phishing websites. These websites impersonated official government websites and had passwords to malicious documents, which visitors could download.
The malware used in these cyber attacks is designed to spy on victims and steal important files. Malicious documents with names related to current events were found by the regulator’s Avast CERT. The APT group also used malicious macros in documents to drop additional infection stages written in Microsoft’s OOP language.
Macros also dropped other malware families like QuasarRAT, trojan downloaders, file stealers and a custom RAT written in C++. PTA CERT has asked government officials to ensure continuous monitoring of critical infrastructure, services and websites, along with training employees on social engineering, incident response procedures and phishing.
The authority has also told government employees to exercise caution when dealing with file extensions, like pdf, doc, and more, and to report suspicious emails to organisations.
What are your views on this? Share in the comments bar below.
this is worrisome
maryam is behind it.