#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

CrimsonRAT | Breaking Cybersecurity News | The Hacker News

Pakistani Hackers Targeting Indian Students in Latest Malware Campaign

Pakistani Hackers Targeting Indian Students in Latest Malware Campaign
Jul 14, 2022
The advanced persistent threat (APT) group known as Transparent Tribe has been attributed to a new ongoing phishing campaign targeting students at various educational institutions in India at least since December 2021. "This new campaign also suggests that the APT is actively expanding its network of victims to include civilian users," Cisco Talos  said  in a report shared with The Hacker News. Also tracked under the monikers APT36, Operation C-Major, PROJECTM, Mythic Leopard, the Transparent Tribe actor is  suspected  to be of Pakistani origin and is known to strike government entities and think tanks in India and Afghanistan with custom malware such as CrimsonRAT, ObliqueRAT, and CapraRAT. But the targeting of educational institutions and students, first  observed  by India-based K7 Labs in May 2022, indicates a deviation from the adversary's typical focus. "The latest targeting of the educational sector may align with the strategic goals of espionage of the

Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection

Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection
Mar 03, 2021
Cybercriminals are now deploying remote access Trojans (RATs) under the guise of seemingly innocuous images hosted on infected websites, once again highlighting how threat actors quickly change tactics when their attack methods are discovered and exposed publicly. New research released by Cisco Talos reveals an active malware campaign targeting organizations in South Asia that utilize malicious Microsoft Office documents forged with macros to spread a RAT that goes by the name of  ObliqueRAT . First documented in  February 2020 , the malware has been linked to a threat actor tracked as  Transparent Tribe  (aka Operation C-Major, Mythic Leopard, or APT36), a highly prolific group allegedly of Pakistani origin known for its attacks against human rights activists in the country as well as military and government personnel in India. While the ObliqueRAT modus operandi previously overlapped with another Transparent Tribe campaign in December 2019 to disseminate CrimsonRAT, the new wave

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Cybersecurity Resources