Pakistan government bodies, military entities hit with cyber advance persistent threat: Report
ISLAMABAD - Pakistan's government bodies, military entities, telecommunications companies and educational institutions came under suspicious cyber attack.
A new advanced persistent threat was used to gain unauthorised access to sensitive information, a report published in Securelist link said Wednesday.
The report added that MuddyWater, a relatively new advanced persistent threat (APT) that surfaced in 2017 and focused mainly on governmental targets in Iraq and Saudi Arabia, carried out a large number of these attacks and demonstrated advanced social engineering.
“We recently noticed a large amount of spear phishing documents that appear to be targeting government bodies, military entities, telcos and educational institutions in Jordan, Turkey, Azerbaijan and Pakistan, in addition to the continuous targeting of Iraq and Saudi Arabia, other victims were also detected in Mali, Austria, Russia, Iran and Bahrain,” the report found, adding that these new documents have appeared throughout 2018 and escalated from May onwards while the attacks are still ongoing.
Decoy images. Source: Securelist
The report identified that the malicious decoy documents used in the attacks suggested that they are geopolitically motivated, targeting sensitive personnel and organisations.
The attackers use not only random usernames to confuse researchers, but also codenames like Leo, Poopak, Vendetta and Turk to create the documents or templates according to the region. For instance, Poopak is a Persian girl’s name or might suggest the authors are not entirely happy with “Pak”, which could be short for Pakistan.