ISLAMABAD – Pakistan’s government bodies, military entities,telecommunications companies and educational institutions came undersuspicious cyber attack.
A new advanced persistent threat was used to gain unauthorised access tosensitive information, a report published in Securelistlink said Wednesday.
The report added that MuddyWater, a relatively new advanced persistentthreat (APT) that surfaced in 2017 and focused mainly on governmentaltargets in Iraq and Saudi Arabia, carried out a large number of theseattacks and demonstrated advanced social engineering.
“We recently noticed a large amount of spear phishing documents that appearto be targeting government bodies, military entities, telcos andeducational institutions in Jordan, Turkey, Azerbaijan and Pakistan, inaddition to the continuous targeting of Iraq and Saudi Arabia, othervictims were also detected in Mali, Austria, Russia, Iran and Bahrain,” thereport found, adding that these new documents have appeared throughout 2018and escalated from May onwards while the attacks are still ongoing.
Decoy images. Source: Securelist
Read Top Stories
The report identified that the malicious decoy documents used in theattacks suggested that they are geopolitically motivated, targetingsensitive personnel and organisations.
The attackers use not only random usernames to confuse researchers, butalso codenames like Leo, Poopak, Vendetta and Turk to create the documentsor templates according to the region. For instance, Poopak is a Persiangirl’s name or might suggest the authors are not entirely happy with “Pak”,which could be short for Pakistan.
