Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government
An APT group called Transparent Tribe has been mounting a continuing cyberespionage campaign, according to cyber researchers. The campaign targets military and diplomatic entities around the world through leveraging malware. The group has now added new weapons to its arsenal, including a management console and a worming function to its main malware, Crimson RAT.
This newly implemented worm can propagate from machine to machine, as well as steal files from USB removable drives that are connected to devices. Transparent Tribe is also known as Mythic Leopard or ProjectM and began operations around 2013. The group specialized in widespread spy-craft, and researchers have linked a spearphishing campaign to the group as well. Security researchers uncovered 1,093 targets across 27 companies as part of the initiative, including Germany, Afghanistan, India, Iran, and Pakistan.