Transparent Tribe, an alleged Pakistan-aligned advanced persistent threat (APT) group, has been linked to an ongoing cyber espionage campaign targeting Indian and Pakistani Android users with a backdoor called CapraRAT.
“Transparent Tribe distributed the Android CapraRAT backdoor via trojanized secure messaging and calling apps branded as MeetsApp and MeetUp,” ESET said in a report shared with The Hacker News.
It is estimated that up to 150 victims, most of whom have military or political affiliations, were targeted, with the malware (com.meetup.app) available for download from fake websites posing as official distribution centers for these apps. The targets are believed to have been lured by a honeytrap romance scam in which the threat actor approaches the victims via another platform and persuades them to install malware-laced apps under the guise of “secure” messaging and calling.
The apps, however, come pre-installed with CapraRAT, a modified version of the open-source AndroRAT that Trend Micro first documented in February 2022 and that
[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents