Transparent Tribe has been particularly targeting educational institutions
Security researchers in India recently raised concerns about the security of the Indian military and prominent educational institutions in the country, such as the IITs and NITs. They raised the alarm after uncovering a series of cyber attacks carried out by a notorious Pakistan-based hacker group known as Transparent Tribe.
According to a report by Seqrite, the enterprise arm of Pune-based Quick Heal Technologies, Transparent Tribe is a persistent threat group believed to have originated in Pakistan in 2013. The group has been targeting Indian government and military entities, IANS reported.
The report suggests that the Pakistan-based group, also known as APT36, is using a malicious file titled “Revision of Officers posting policy” to lure the Indian Army into compromising its systems. The file is disguised as a legitimate document but contains embedded malware designed to exploit vulnerabilities, the team noted.
The security team has also observed a concerning rise in the targeting of the education sector by the same group.
Starting from May 2022, Transparent Tribe has been specifically targeting educational institutions, including the Indian Institutes of Technology (IITs), National Institutes of Technology (NITs), and business schools. These attacks intensified in the first quarter of 2023, reaching their peak in February.
According to the researchers, a subdivision of Transparent Tribe known as SideCopy has also been identified targeting an Indian defence organisation. Its modus operandi involves testing a domain hosting malicious files, potentially to serve as a phishing page.
This sophisticated tactic aims to deceive unsuspecting victims into divulging sensitive information. The Pakistan-based hacker groups cleverly utilised malicious PPAM files masquerading as “Officers posting policy revised final”, the report stated.
A PPAM file is an add-in file used by Microsoft PowerPoint. These files abuse macro-enabled PowerPoint add-ins (PPAM) to hide archive files as OLE objects, effectively camouflaging the presence of malware, the report added.
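The mechanism described above gives a defender something concrete to look for: a .ppam is an Office Open XML package (a zip archive), a macro-enabled add-in carries a `ppt/vbaProject.bin` part, and embedded OLE objects are stored under `ppt/embeddings/`. The following triage script is an added example, not code from the Seqrite report or the article; it inspects a .ppam for those parts, checks whether an embedded part is an OLE compound file or carries a zip signature (a heuristic for a smuggled archive), and builds a constructed sample package so it runs offline. The `risk_level` thresholds are an assumption for illustration, not a published detection rule.

```python
"""Triage check for PowerPoint add-in (.ppam) packages.

Added example: a .ppam is a zip container. Macro-enabled add-ins carry
ppt/vbaProject.bin and embedded OLE objects live under ppt/embeddings/.
The scanner flags both and notes whether an embedded part is an OLE
compound file or contains a zip local-file signature (heuristic for an
archive hidden inside an "object").
"""
import io
import zipfile

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # compound file binary header
ZIP_MAGIC = b"PK\x03\x04"                        # zip local file header


def scan_ppam(data: bytes) -> dict:
    """Return indicators found in a .ppam byte string."""
    findings = {
        "has_vba": False,        # ppt/vbaProject.bin present
        "embeddings": [],        # all parts under ppt/embeddings/
        "ole_parts": [],         # embedded parts that are OLE compound files
        "zip_in_embedding": [],  # embedded parts containing a zip signature
    }
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        for name in z.namelist():
            lower = name.lower()
            if lower == "ppt/vbaproject.bin":
                findings["has_vba"] = True
            if lower.startswith("ppt/embeddings/"):
                findings["embeddings"].append(name)
                blob = z.read(name)
                if blob.startswith(OLE_MAGIC):
                    findings["ole_parts"].append(name)
                if ZIP_MAGIC in blob:
                    findings["zip_in_embedding"].append(name)
    return findings


def risk_level(findings: dict) -> str:
    """Assumed triage scale: macros plus embedded objects is the pattern
    described in the report, so that combination is rated highest."""
    if findings["has_vba"] and findings["embeddings"]:
        return "high"
    if findings["has_vba"] or findings["embeddings"]:
        return "medium"
    return "low"


def build_sample(with_vba: bool, with_embedding: bool, nested_zip: bool = False) -> bytes:
    """Constructed sample package (not a real add-in) for offline testing."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("ppt/presentation.xml", "<presentation/>")
        if with_vba:
            z.writestr("ppt/vbaProject.bin", OLE_MAGIC + b"\x00" * 16)
        if with_embedding:
            payload = OLE_MAGIC + b"\x00" * 16
            if nested_zip:
                payload += ZIP_MAGIC + b"\x00" * 8  # archive smuggled inside the object
            z.writestr("ppt/embeddings/oleObject1.bin", payload)
    return buf.getvalue()


if __name__ == "__main__":
    for flags in [(False, False), (True, False), (True, True), (True, True)]:
        sample = build_sample(*flags, nested_zip=flags == (True, True))
        f = scan_ppam(sample)
        print(flags, risk_level(f), f)
```

Run against real mail attachments, the script is a cheap first-pass filter in front of a sandbox: any .ppam rated "high" warrants detonation or blocking rather than delivery.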
The team recommended taking common security measures such as keeping security software, operating systems, and applications up to date to safeguard against known vulnerabilities. They also emphasised the importance of implementing strong email filtering and web security solutions to detect and block malicious content.