APT, an Indian state-sponsored hackers outfit, is responsible for cyber strikes in Pakistan.
The APT group is targeting government and military entities to steal information, according to an alert issued by the National Telecommunications and Information Security Board (NTISB).
The gang uses a malicious email labeled “Cyber Security Advisory for Government Entities (Advisory No.54)” to disseminate malware via phishing emails.
NTISB Advice Regarding Alleged Indian Hackers
The advice claims that hackers are utilizing spear phishing emails to trick people into downloading bogus cyber security recommendations.
Hackers create bogus emails to make it appear as if the Prime Minister’s Office has issued a cyber security alert.
Moreover, the email involves an illicit file from a bogus website (https://pakistanarmy(.)xyx) with a URL identical to the Pakistan Army’s legitimate website (Pakistanarmy.gov.pk).
According to the the warning, hackers also use the false advisory to attach a hyperlink to the “Security Patch Application” for Government Employees.
However, the whole network of the government official who clicks and installs the link to such a bogus program will be vulnerable to cyber-attack.
Virus State
According to the NTISB, this virus is a Trojan or Backdoor, and when executed, the downloaded program downloads a second-stage attack.
Additionally, the malware has the ability to act remotely and obtain data from the computer belonging to the victim.
The NTISB has advised local firewalls to block the URL https://pakistanarmy(.)xyx.
The recommendation also advised informing employees at various civic and military institutions to these phishing assaults and implementing required security precautions.
To read our blog on “Alleged Indian hackers group found behind hacking Govt. websites,” click here.
