Pak hackers targeting Indian officials shut by Meta

Representative image (iStock)

Meta (formerly Facebook) has cracked down on a cyber espionage operation linked to state-sponsored bad actors in Pakistan that targeted people in India, including military personnel and government officials, with various methods like honey trapping and infiltrating their devices with malware.

Apart from India, the group of hackers in Pakistan -- known in the security industry as APT36 -- targeted people in Afghanistan, Pakistan, the UAE and Saudi Arabia, according to Meta's quarterly 'Adversarial Threat Report'.

"Our investigation connected this activity to state-linked actors in Pakistan," Meta said.

The group's activity was persistent and targeted many services across the Internet -- from email providers to file-hosting services to social media.

"APT36 used various malicious tactics to target people online with social engineering to infect their devices with malware. They used a mix of malicious and camouflaged links, and fake apps to distribute their malware targeting Android and Windows-run devices," the social network warned.

APT36 used fictitious personas -- posing as recruiters for both legitimate and fake companies, military personnel or attractive young women looking to make a romantic connection -- in an attempt to build trust with the people they targeted.

The group deployed a wide range of tactics, including the use of custom infrastructure, to deliver their malware.

"Some of these domains masqueraded as photo-sharing websites or generic app stores, while others spoofed the domains of real companies like the Google Play Store, Microsoft's OneDrive, and Google Drive," said the Meta report.

Additionally, this group used common file-sharing services like WeTransfer to host malware for short periods of time.

The Pakistan-based actors also used link-shortening services to disguise malicious URLs.

They used social cards and preview sites -- online tools used in marketing to customise what image is displayed when a particular URL is shared on social media -- to mask redirection and ownership of domains APT36 controlled.

"APT36 didn't directly share malware on our platforms, but rather used the tactics to share malicious links to sites they controlled and where they hosted malware," said Meta.

In several cases, this group used a modified version of commodity Android malware known as 'XploitSPY', available on GitHub.

While 'XploitSPY' appears to have been originally developed by a group of self-reported ethical hackers in India, APT36 made modifications to it to produce a new malware variant called 'LazaSpy'.

Meta found that in this recent operation, APT36 had also trojanised (non-official) versions of WhatsApp, WeChat and YouTube with another commodity malware family known as Mobzsar or CapraSpy.

"Both malware families are capable of accessing call logs, contacts, files, text messages, geolocation, device information, photos and enabling microphone," said the report.

Meta also removed a brigading network in India, a mass reporting network in Indonesia and coordinated violating networks in Greece, India, and South Africa.

Brigading is a technique where groups of people coordinate to harass people on Meta platforms in an attempt to intimidate and silence them.
IANS | Published 2022-08-05 18:28:12 | Updated 2022-08-05 18:32:14
