Summary: A new cybersecurity report by CYFIRMA reveals a sophisticated cyberattack targeting Indian users, allegedly led by a Pakistan-based APT group, APT36. The attackers created a fraudulent website mimicking the Indian Post Office to distribute malware to Windows and Android devices. The report details the tactics used by the group, including spear-phishing and the distribution of malicious applications, to compromise targets and exfiltrate sensitive data.
Affected: Indian Post Office users and associated organizations
Key points:
- A Pakistan-based APT group, identified as APT36, is behind the cyberattack.
- The fraudulent website delivered malware through a PDF document for PC users and through a malicious Android application.
- The Android application requested extensive permissions and ultimately aimed to steal user data and financial information.