Emojis Control the Malware in Discord Spy Campaign

June 17, 2024 at 04:57PM

An advanced persistent threat (APT) from Pakistan is conducting cyber espionage against Indian government organizations using the “Dirty Pipe” Linux bug and the Discord-based malware, Disgomoji. The malware utilizes emojis for commands, making it user-friendly but not significantly impacting security software detections. UTA0137 has also been observed exploiting the old …

New Linux malware is controlled through emojis sent from Discord

June 15, 2024 at 01:15PM

The newly discovered Linux malware named ‘DISGOMOJI’ uses emojis for executing commands on infected devices in attacks on Indian government agencies, related to a Pakistan-based threat actor known as ‘UTA0137.’ This novel approach allows the malware to potentially bypass security software. DISGOMOJI maintains persistence on devices and aims to exfiltrate …

Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks

June 15, 2024 at 05:18AM

A suspected Pakistan-based threat actor, UTA0137, has conducted a cyber espionage campaign targeting Indian government entities in 2024. They use a malware called DISGOMOJI, a modified version of Discord-C2, to control Linux systems via Discord using emojis. The attacker has also employed various tactics to escalate privileges and socially engineer …