Pakistani hacker group APT36 shut down by Facebook
Facebook recently shut down a cyber espionage operation linked to hackers in Pakistan. The group’s targets were Indian people, including military personnel and government officials. The industry knows this Pakistani hacker group as APT36. According to Meta’s quarterly ‘Adversarial Threat Report’, the group’s method of operation included honey trapping and infiltrating victims’ devices with malware. Meta reported that its investigation linked these activities to state-linked actors in Pakistan.
The report asserts that the group targeted many Internet services, ranging from email providers to file-hosting services to social media. The group used malicious tactics to target people on the web and infect their devices with malware. Using a mix of malicious and camouflaged links and fake apps, it distributed malware to its targets’ devices. Its prime targets were Android and Windows users.
The group appears under fake personas, posing as recruiters for both legitimate and fake companies, military personnel, or attractive young women looking to make a romantic connection. Through these personas it establishes trust with its targets. The group also used hosting services like WeTransfer to host malware for short periods of time. It used various tactics, even custom infrastructure, to deploy its malware to its targets.