Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets
May 27, 2024
Malware / Threat Intelligence
The Pakistan-nexus Transparent Tribe actor has been linked to a new set of attacks targeting Indian government, defense, and aerospace sectors using cross-platform malware written in Python, Golang, and Rust. "This cluster of activity spanned from late 2023 to April 2024 and is anticipated to persist," the BlackBerry Research and Intelligence Team said in a technical report published early last week. The spear-phishing campaign is also notable for its abuse of popular online services such as Discord, Google Drive, Slack, and Telegram, once again underscoring how threat actors are adopting legitimate programs into their attack flows. According to BlackBerry, the targets of the email-based attacks included three companies that are crucial stakeholders and clients of the Department of Defense Production ( DDP ). All the three companies targeted are headquartered in the Indian city of Bengaluru. While the names of the firms were not disclosed, indications are that the