CapraRAT Spyware Disguised as Popular Apps Threatens Android Users

July 1, 2024 at 09:06AM Transparent Tribe, a threat actor, has been targeting individuals with malware-laced Android apps as part of a social engineering campaign. Their latest campaign, dubbed CapraTube, expanded to target mobile gamers, weapons enthusiasts, and TikTok fans. The group has a history of targeting the Indian government and military, using spear-phishing and …

Pakistan-linked Malware Campaign Evolves to Target Windows, Android, and macOS

June 13, 2024 at 06:48AM Threat actors with ties to Pakistan are behind a long-running malware campaign named Operation Celestial Force, utilizing Android and Windows-based malware administered through a tool called GravityAdmin. The cybersecurity community attributes the intrusion to an adversary known as Cosmic Leopard, with indications that it targets users in the Indian subcontinent. …

Pakistani ‘Transparent Tribe’ APT Aims for Cross-Platform Impact

May 28, 2024 at 11:33PM A cyber-espionage group, Transparent Tribe, known for targeting government and defense sectors in India, has expanded its tactics to include targeting Linux systems using legitimate software techniques, including Google Drive and Telegram. Despite a history of targeting India, the group has also attacked the US, Europe, and Australia. They utilize …

Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets

May 27, 2024 at 03:54AM The Pakistan-based Transparent Tribe has been linked to new attacks targeting Indian government, defense, and aerospace sectors using cross-platform malware. The attacks, spanning from late 2023 to April 2024, utilized popular online services for spear-phishing campaigns. The group is known for cyber espionage operations and has experimented with new intrusion …

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

November 7, 2023 at 04:42AM The Pakistan-linked threat actor called SideCopy has been using a recent WinRAR security vulnerability to target Indian government entities. They are delivering remote access trojans such as AllaKore RAT, Ares RAT, and DRat. This campaign is multi-platform, targeting both Windows and Linux systems. SideCopy is suspected to be a sub-group …