Cybersecurity researchers have uncovered the actions of Transparent Tribe, a Pakistani-linked threat actor, who used malware written in Python, Golang, and Rust to attack the Indian government, defence, and aerospace sectors. The attack done through a spear-phishing campaign also involves abuse of Discord, Google Drive, Slack and Telegram, which suggests threat actors now leverage legitimate programs in their attack vectors. A statement by one of BlackBerry’s researchers suggests, “This cluster of activity spanned from late 2023 to April 2024 and is anticipated to persist.” Some reports indicate that some organizations involved in the attack include Hindustan Aeronautics Limited (HAL), Bharat Electronics Limited (BEL), and BEML Limited.
Cybercriminals Stole Over $100k in Daily Gift Card Fraud
Storm-0539, a Morocco-based cybercriminal group, is linked to an ongoing SMS phishing attack involving gift card fraud. Microsoft has called the public’s attention to this incident and released a statement revealing the criminals’ intentions: “Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate. We’ve seen some examples where the threat actor has stolen up to $100,000 a day at certain companies.”
Phishing Just Got Bigger with New Tricks Added to the Game
In a recent discovery, cybersecurity researchers discovered an active phishing campaign leveraging the abuse of Cloudflare Workers in harvesting user credentials linked with Microsoft, Gmail, Yahoo And cPanel Webmail. One of the researchers gave more insight into the attack method described as a transparent or adversary-in-the-middle phishing attack which leverages Cloudflare Workers to act as a reverse proxy server for a legitimate login page, intercepting traffic between the victim and the login page to capture credentials, cookies, and tokens. Further details revealed that the attack mainly targeted Asian, North American, and Southern European sectors such as technology, finance, and banking. The attackers use HTML smuggling.
Lockbit ransomware groups have attacked several companies with credentials already exposed on the dark web. Below are some of the affected businesses
B&S Group: This pharmaceutical company with over 1,000 employees specializes in Pharmaceuticals, Manufacturing, Oral Solutions and suspensions, Eye / Ear Drops and ointments, OTC, Parallel Import, UK Distribution, Storage, Laboratories, Research, Healthcare, Processing orders, and Global trading. Its revenue is $138.9 million.
Kulicke & Soffa: Kulicke is a semiconductor manufacturing company that specializes in Advanced Packaging Equipment, Ball Bonding Equipment, Electronics Assembly Equipment, Wedge Bonding Equipment, Wafer-Level Bonding Equipment, Capillaries, Dicing Blades, Wedge Bonding Consumables, K&S Care, K&S CERTIFIED, and Lithography Tools for Advanced Packaging. The company has over 5,000 employees and a revenue of $737.4 million.
PressureJet Systems Pvt Ltd: This industrial machinery manufacturing company specializes in Hydro Jetting Machines, Hydro Blasting Machines, Hydro Test Pumps, UHP Fire Fighting Equipment, Wet Sandblasting Equipment, Hydromechanical Descaling of Steel, Sewer Jetting Pumps, Drain Jetting Pumps, Industrial High-Pressure Jet Cleaners, High-Pressure Plunger Pumps, and Triplex Plunger Pumps. The company has over 200 employees and a revenue of $6.9 million.
Sun Petrochemicals Pvt Ltd: This Indian petrochemical company prides itself on being the leading oil and gas upstream and exploration company with remarkable innovation, accuracy, and speed. With over 200 employees, the company specializes in upstream oil and gas, exploration and production, onshore, and offshore.
Workscapes Inc: The Floridian Furniture company provides services involving furniture, walls, flooring, architectural products, and space planning. The company specializes in DIRTT Architectural Walls Partner, Certified MillerKnoll Dealer, Modular Walls, Flooring, Lighting, Shades, Space Planning, and Asset Management. Workscapes has over 200 employees and a revenue of $60.7 million.
