META Shuts Down Pak Hackers Targeting Indian Officials Through Honey Trapping, Malware

Meta (formerly Facebook) has cracked down on a cyber espionage operation involving state-sponsored bad actors in Pakistan that targeted people in India, including military personnel and government officials, with honey trapping and malware. Their toolkit included various methods, such as infiltration.

In addition to India, the group of hackers in Pakistan, known in the security industry as APT36, targeted people in Afghanistan, Pakistan, the United Arab Emirates and Saudi Arabia, according to META’s quarterly ‘Adversarial Threat Report’.

“Our investigation linked this activity to state-linked actors in Pakistan,” said Meta.

The group’s activity was persistent and targeted multiple services on the Internet – from email providers to file-hosting services to social media.

The social network warned, “APT36 used various malicious tactics to target people online with social engineering to infect their devices with malware.”

APT36 used fictitious personas, posing as recruiters for both legitimate and fake companies, military personnel or attractive young women, in an effort to build trust with the people they targeted.

The group deployed a variety of strategies, including the use of custom infrastructure, to distribute its malware.

The Meta report states, “Some of these domains masqueraded as photo-sharing websites or generic app stores, while others spoofed the domains of genuine companies such as the Google Play Store, Microsoft’s OneDrive and Google Drive.”

Additionally, this group used common file-sharing services such as WeTransfer to host malware for a short period of time.

Pakistan-based actors also used link-shortening services to hide malicious URLs.

They used social cards and preview sites, online tools used in marketing to customize the image displayed when a particular URL is shared on social media, to redirect and hide ownership of domains.

“APT36 did not directly share malware on our platform, but instead used tactics to share malicious links on the sites and sites where they hosted the malware,” Meta said.

In several cases, this group used a modified version of the commodity Android malware known as ‘XploitSPY’, which is available on GitHub.

While ‘XploitSPY’ appears to have been originally developed by a group of self-reported ethical hackers in India, APT36 modified it to produce a new malware variant called ‘LazaSpy’.

Meta found that in this recent operation, APT36 had also trojanized non-official versions of WhatsApp, WeChat and YouTube using another commodity malware family, known as Mobzsar or CapraSpy.

“Both malware families are capable of accessing call logs, contacts, files, text messages, geolocation, device information, photos and enabling microphones,” the report said.

META also removed a brigading network in India, a large-scale reporting network in Indonesia, and a coordinated breach network in Greece, India and South Africa.

Brigading is a technique where groups of people coordinate on a Meta platform to intimidate and harass people in an effort to silence them.
