Using a sophisticated malware tool, a new threat actor known as “NewsPenguin” has been conducting espionage operations against Pakistan’s military-industrial complex for months.
Researchers from Blackberry detailed how this group meticulously prepared a phishing campaign targeting attendees of the upcoming Pakistan International Maritime Expo & Conference (PIMEC) in a blog post on February 9.
PIMEC is set to be held over the course of the following weekend. It is a Pakistan navy initiative that will provide opportunities to the maritime industry both in the public and private sectors to display products and develop business relationships.
“The event will also highlight Pakistan’s Maritime potential and provide the desired fillip for economic growth at national level,” reads the government press release. “Attendees at PIMEC include nation-states, militaries, and military manufacturers, among others. That fact, combined with NewPenguin’s use of a bespoke phishing lure and other contextual details of the attack, led the researchers to conclude “that the threat actor is actively targeting government organizations.”
How NewsPenguin Operates the Phishing Campaign?
NewsPenguin lures its victims via spear-phishing emails that are apparently attached to a Word document, in a pretense of being an “Exhibitor Manual” for the PIMEC.
Although this file’s name should have been a warning sign,
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: