A peek into APT36’s updated arsenal

In July 2023, Zscaler ThreatLabz discovered new malicious activity perpetrated by the Pakistan-based advanced persistent threat group (APT36). APT36 is a sophisticated cyber threat group with a history of conducting targeted espionage operations in South Asia. Zscaler ThreatLabz observed APT36 …

Hack the Real Box: APT41’s New Subgroup Earth Longzhi

In early 2022, Trend Micro investigated an incident that compromised a company in Taiwan. The malware used in the incident was a simple but custom Cobalt Strike loader. After further investigation, however, we found incidents targeting multiple regions using a …

Pakistan government labels its own cybersecurity team ‘incompetent’

A Pakistani parliamentary committee has labelled its own cybersecurity agency “incompetent”. That damning assessment was offered by the nation’s Standing Committee on Information Technology and Telecommunication at a Monday meeting convened to brief committee members on the workings of Pakistan’s …

Transparent Tribe APT returns to strike India’s government and military

The Transparent Tribe hacking group is back with a new malware arsenal and victim list including India’s government and military. Active since at least 2013, the advanced persistent threat (APT) group operates in at least 30 countries. However, the APT …

Fake end-to-end encrypted chat app distributes Android spyware

The GravityRAT remote access trojan is being distributed in the wild again, this time under the guise of an end-to-end encrypted chat application called SoSafe Chat. This particular RAT (remote access trojan) targets predominately Indian users, being distributed by Pakistani …

An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan

Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign targeting Microsoft Windows PCs at government and telecom entities in China and Pakistan. They began in June 2020 and continued through to April 2021. What piqued the …

Pakistan: Neglect caused Federal Board of Revenue cyber-attack

Despite knowing that its information technology equipment is obsolete and some of its software is outdated, the Federal Board of Revenue (FBR) did not make any serious effort to upgrade them, which resulted in the hacking of the data centres. The …

Confucius Uses Pegasus Spyware-related Lures to Target Pakistani Military

While investigating the Confucius threat actor, we found a recent spear phishing campaign that utilizes Pegasus spyware-related lures to entice victims into opening a malicious document downloading a file stealer. The NSO Group’s spyware spurred a collaborative investigation that found …

Android spyware strains linked to state-sponsored Confucius threat group

Two variants of Android spyware connected to pro-India, state-sponsored hacking campaigns have been discovered. On Tuesday, cybersecurity firm Lookout said that two malware strains, dubbed Hornbill and SunBird, have been linked to Confucius, an advanced persistent threat (APT) group thought …