April 18, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome
November 1, 2019Rewterz Threat Alert – North Korean Trojan: HOPLIGHT
November 1, 2019Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome
November 1, 2019Rewterz Threat Alert – North Korean Trojan: HOPLIGHT
November 1, 2019
Severity
High
Analysis Summary
Rising Security Research Institute has captured the attack launched by the internationally renowned APT organization “Rattlesnake” through the Rising Threat Intelligence System. This time, the organization targeted Pakistani Navy. The method is different from the previous attacks against China, but the core is the same. The ultimate goal is to steal confidential information from the government, energy, military, minerals and other fields.
The attack on Pakistan used the target collision hijacking method of the new LNK file path to deliver false shortcut files by mail or other means, pretending to be the Indian and Chinese leaders issued by the Pakistan Naval Public Relations Bureau. The press release of the talks induced the victim to click. Once the user accesses the link contained in the shortcut attribute, the malware is downloaded and all the file information in the computer is stolen.
The attack targeted Pakistan, where the attacker disguised the bait document as a press release issued by the Pakistan Navy Public Relations Bureau. The press release recorded the points discussed by Indian Prime Minister Modi and Chinese President Xi Jinping.
Impact
- Exposure of sensitive information
- Credential theft
Remediation
- Always be suspicious about emails sent y unknown senders.
- Never click on the links/attachments sent by unknown senders.