Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool

July 24, 2024 at 06:36AM

Patchwork, a threat actor linked to cyber attacks targeting entities connected to Bhutan, has utilized the Brute Ratel C4 framework and an updated backdoor, PGoShell. Known as APT-C-09, the state-sponsored actor has a history of conducting spear-phishing and watering hole attacks against China and Pakistan. Additionally, Patchwork has employed romance-themed …

Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware

February 5, 2024 at 08:45AM

Patchwork used romance scam lures to distribute VajraSpy trojan in India and Pakistan. ESET uncovered 12 espionage apps, including some on Google Play, infecting over 1,400 devices. The malware steals various data and was spread through fake messaging apps. This isn’t the first time for Patchwork, which has targeted similar …

Google Play Used to Spread ‘Patchwork’ APT’s Espionage Apps

February 2, 2024 at 10:44AM

The Indian APT group Patchwork used six Android espionage applications on Google Play, masquerading as messaging and news services, to distribute the VajraSpy remote access Trojan. ESET researchers found the RAT intercepts calls, messages, extracts WhatsApp and Signal messages, records calls, and takes pictures. The campaign primarily targeted Pakistani users …