The Transparent Tribe hacking group has allegedly re-emerged with a new malware arsenal. The group is targeting India’s government and military in a new campaign. Transparent Tribe has been active since at least 2013 and has operated in 30 countries, although it focuses primarily on India and Afghanistan. Transparent Tribe is suspected of being of Pakistani origin, despite attacks recorded against human rights activists within the country. The APT is also tracked under the names APT36, PROJECTM, and Mythic Leopard.
In 2020, Kaspersky released information regarding the APT’s recent activity against government and military personnel. The attacks included Trojans, backdoors, and a propagation tool called USBWorm that was capable of copying malicious code to removable drives. Just this week, Cisco Talos provided another update on the group’s recent activities, stating that its latest campaign has targeted Indian government and military bodies. Cisco Talos reports that the campaign started in June 2021. In this campaign, the APT is using phishing tactics to deliver malicious documents and web domains that push its Windows-based malware.