Pakistani APT Hackers Attack Indian Financial Institutions to Exfiltrate Sensitive Data With Crimson RAT
Researchers uncovered a new wave of an APT campaign that targets Indian financial institutions with the powerful Crimson RAT to compromise network devices and exfiltrate sensitive data. Crimson RAT was first observed in 2016, when it targeted Indian diplomatic and military resources as part of an APT attack; since then, threat actors have continually targeted the financial, healthcare, and space technology sectors. The recently observed campaign has specifically targeted Indian financial institutions with spear-phishing emails.

Crimson RAT Infection Process

The phishing campaign uses emails with a malicious attachment, which are sent to a targeted organization in two different ways. In the first method, the malformed email hits the target with a malicious link that points to a PE (executable) file containing two ZIP files with an embedded document. Once the payload is executed by the victim, it automatically checks the OS version of the ...