Pakistan's army suffers from a malware campaign called Operation Shaheen
Posted date 19/11/2018
The security firm Cylance, in collaboration with Pakistan's CERT, published an investigation in which it explains how the group nicknamed White Company, and supposedly sponsored by a state, has attempted to access Pakistan's army networks in a campaign known as Operation Shaheen.
This operation first involved sending phishing emails with links to compromised websites, and then changing the attack vector by sending emails with infected Word attachments.
According to the Cylance report, nothing could be found out about White Company's identity due to the complex C&C structure of Operation Shaheen, but one of the IP addresses is still active, indicating that the threat could still continue to operate.
References
-
12/11/2018threatvector.cylance.com
-
12/11/2018cyberscoop.com
Etiquetas