June 5, 2016
FireEye security researchers have discovered a new wave of attacks against Indian government officials, yet again linked to Pakistan, just like Operation Transparent Tribe in February and Operation C-Major in March.
The security firm reports that, starting May 18, Indian officials have been receiving a wave of spear-phishing emails masked as news items from a Times of India look-alike domain.
The emails either contained malicious file attachments or they included a link redirecting users to a domain where a drive-by download attack would secretly take place and download malware on the user’s computer.
If the users received a malicious attachment instead of a link, then the file would be a Microsoft Office document that exploited the CVE-2012-0158 vulnerability to install malware.