Rising Security Research Institute has captured the attack launched by the internationally renowned APT organization “Rattlesnake” through the Rising Threat Intelligence System. This time, the organization targeted Pakistani Navy. The method is different from the previous attacks against China, but the core is the same. The ultimate goal is to steal confidential information from the government, energy, military, minerals and other fields.
The attack on Pakistan used the target collision hijacking method of the new LNK file path to deliver false shortcut files by mail or other means, pretending to be the Indian and Chinese leaders issued by the Pakistan Naval Public Relations Bureau. The press release of the talks induced the victim to click. Once the user accesses the link contained in the shortcut attribute, the malware is downloaded and all the file information in the computer is stolen.
The attack targeted Pakistan, where the attacker disguised the bait document as a press release issued by the Pakistan Navy Public Relations Bureau. The press release recorded the points discussed by Indian Prime Minister Modi and Chinese President Xi Jinping.