The Hacker News
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor
July 31^st 2023 at 12:30

Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor

By: THN

Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign. The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell. Patchwork, also known by the names Operation Hangover and Zinc Emerson, is suspected to be a threat group that

The Hacker News
Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique
May 9^th 2023 at 09:39

Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique

By: Ravie Lakshmanan

The advanced persistent threat (APT) actor known as SideWinder has been accused of deploying a backdoor in attacks directed against Pakistan government organizations as part of a campaign that commenced in late November 2022. "In this campaign, the SideWinder advanced persistent threat (APT) group used a server-based polymorphism technique to deliver the next stage payload," the BlackBerry

The Hacker News
SideCopy Using Action RAT and AllaKore RAT to infiltrate Indian Organizations
May 8^th 2023 at 13:27

SideCopy Using Action RAT and AllaKore RAT to infiltrate Indian Organizations

By: Ravie Lakshmanan

The suspected Pakistan-aligned threat actor known as SideCopy has been observed leveraging themes related to the Indian military research organization as part of an ongoing phishing campaign. This involves using a ZIP archive lure pertaining to India's Defence Research and Development Organization (DRDO) to deliver a malicious payload capable of harvesting sensitive information, Fortinet

The Hacker News
Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies
April 19^th 2023 at 11:28

Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies

By: Ravie Lakshmanan

The Pakistan-based advanced persistent threat (APT) actor known as Transparent Tribe used a two-factor authentication (2FA) tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. "Poseidon is a second-stage payload malware associated with Transparent Tribe," Uptycs security researcher Tejaswini Sandapolla said in a technical report published this week.

The Hacker News
Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps
March 7^th 2023 at 11:39

Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps

By: Ravie Lakshmanan

A suspected Pakistan-aligned advanced persistent threat (APT) group known as Transparent Tribe has been linked to an ongoing cyber espionage campaign targeting Indian and Pakistani Android users with a backdoor called CapraRAT. "Transparent Tribe distributed the Android CapraRAT backdoor via trojanized secure messaging and calling apps branded as MeetsApp and MeetUp," ESET said in a report

FreshRSS

Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor

Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique

SideCopy Using Action RAT and AllaKore RAT to infiltrate Indian Organizations

Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies

Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps