Confucius Targets Pakistani Military With Pegasus Spyware Lures

Published: 23/11/2024   Category: security




The threat group conducted a recent spear-phishing campaign that uses Pegasus spyware-related lures to trick victims into opening malicious files.



Researchers have observed the Confucius threat group conducting a recent spear-phishing campaign in which attackers used lures related to Pegasus spyware to target the Pakistani military.
The campaign was detected during a broader investigation of the Confucius threat actor, report the Trend Micro researchers who found it. In the first phase of the two-step attack, the target receives an email that carries no malicious payload; its content is copied from a legitimate Pakistani newspaper article. The spoofed sender address mimics the PR department of the Pakistani Armed Forces.
Two days later, a second email arrives disguised as a warning from the Pakistani military about the Pegasus spyware. This email contains a link to a malicious encrypted Word document; the decryption password will be sent to the victim. The sender address spoofs a service similar to the one in the first email.
If the target clicks the malicious document link or the unsubscribe link, the Word document is downloaded, and a document containing macros displays on the screen after the password is entered. If macros are enabled, malicious code will be loaded, researchers explain.
The final payload is a .NET DLL file designed to steal documents and images. It checks the Documents, Downloads, Desktop, and Pictures folders of every user.
Read the full blog post for more information.
