Posts

Showing posts with the label Crimson RAT

APT Pakistani Hackers Attack Indian Financial Institutions To Exfiltrate the Sensitive Data With Crimson RAT

Researchers uncovered a new wave of an APT campaign that targets Indian financial institutions with the powerful Crimson RAT to compromise network devices and exfiltrate sensitive data. Crimson RAT was initially observed in 2016, when it targeted Indian diplomatic and military resources as part of an APT attack; since then, the threat actors have continuously targeted the financial, healthcare, and space technology sectors. The recently observed campaign has specifically targeted Indian financial institutions with spear-phishing emails. Crimson RAT Infection Process: A phishing email campaign contains a malicious attachment, and the email is sent to a targeted organization in two different ways. In the first method, a malformed email campaign hits the target with a malicious link that points to a PE (executable) file containing two ZIP files with an embedded document. Once the payload is executed by the victim, it automatically checks the OS version of the ...

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

Since the coronavirus became a worldwide health issue, the desire for more information and guidance from government and health authorities has reached a fever pitch. This is a golden opportunity for threat actors to capitalize on fear, spread misinformation, and generate mass hysteria—all while compromising victims with scams or malware campaigns. Profiting from global health concerns, natural disasters, and other extreme weather events is nothing new for cybercriminals. Scams related to SARS, H1N1 (swine flu), and avian flu have circulated online for more than a decade. According to reports from ZDNet, many state-sponsored threat actors have already started to distribute coronavirus lures, including: Chinese APTs: Vicious Panda, Mustang Panda; North Korean APTs: Kimsuky; Russian APTs: Hades group (believed to have ties with APT28), TA542 (Emotet); Other APTs: Sweed (Lokibot). Recently, the Red Drip team reported that APT36 ...