Pakistan-Based Hackers Using These Messaging Apps and Programming Languages to Target Indian Government and Defense Websites

Pakistan-based threat group Transparent Tribe is reportedly targeting Indian government and military institutions. A research and intelligence team says in its latest report that the group is using programming languages like Python, Golang and Rust and is also misusing popular web services like Telegram, Discord, Slack and Google Drive. The cyber espionage campaign run by this hacking group, also known as APT36 or Mythic Leopard, is targeting the Indian government, defense and aerospace sectors.

The BlackBerry Research and Intelligence team has recently exposed the cyber espionage campaign of hacking group Transparent Tribe. The group's recent activity includes the use of phishing techniques to deliver malware. These phishing attacks often use malicious documents posing as official government correspondence or defense-related information. Once these documents are opened, malware is installed on the victim's system, giving attackers unauthorized access to sensitive information.

According to the report, the malware used includes several remote access trojans (RATs), such as Crimson RAT and ObliqueRAT, which enable attackers to steal data, monitor communications, and remotely trigger other espionage activities.

Transparent Tribe has been active since 2013. It is a cyber surveillance threat group with a Pakistani nexus. The group has previously conducted cyber espionage campaigns against India's education and defense sectors.

The group's operations also rely on command-and-control (C2) infrastructure, which can be changed to hide identities. Transparent Tribe has also focused on the Indian education sector, particularly large institutions such as the Indian Institutes of Technology (IITs) and National Institutes of Technology (NITs). These attacks, which intensified in early 2023, use malware embedded in macro-enabled PowerPoint add-ins (PPAM files).

A recent Seqrite report, based on previous attacks by the group, states that this threat group is a hacker group from Pakistan that has been targeting South Asian countries, especially Indian defense and government organizations, since at least 2019. The group uses a variety of software tools, including Ares RAT, Action RAT, AllaKore RAT, Reverse RAT, Margulas RAT, etc. Transparent Tribe has been active since 2013.
