The threat group APT-36 is targeting government systems with a social-engineering lure that turns security awareness against its targets: a fake government advisory warning about WhatsApp scams. The campaign pairs that lure with malware built for evasion and persistence in order to establish long-term espionage access. #APT36 #CYFIRMA #EspionageCampaign
Key points
- The attack starts with a malicious Windows shortcut (.lnk) disguised as a PDF document to lure victims into opening it.
- The launcher obfuscates its cmd.exe command line with caret (^) escape characters; cmd.exe strips the carets at execution, but they break detections that match on the literal command string.
- The lure is a fake government advisory about WhatsApp scams, so the target believes they are reading a legitimate security warning.
- The malware establishes persistence through DLL hijacking and registry modifications, keeping its backdoor active across reboots.
- The command-and-control endpoint is stored as a reversed string and reversed back at runtime, so forward-only string matching on the sample does not reveal the C2 address.
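The three evasion tricks in the list above (a shortcut masquerading as a PDF, caret-obfuscated command lines, and reversed C2 strings) each defeat a naive check but are easy to undo once you know the rule. The script below is an added triage example written for this post, not code from CYFIRMA or the article; every file name, command line and URL in it is constructed for illustration and is not an indicator from the report.

```python
"""Triage helpers for the three evasion tricks listed above: a .lnk
masquerading as a PDF, caret-obfuscated cmd.exe command lines, and C2
endpoint strings stored reversed. All sample inputs are constructed for
this example and are not indicators from the report."""
import re

DOC_EXTENSIONS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt"}


def is_masquerading_lnk(filename: str) -> bool:
    """True when a shortcut carries a document extension before .lnk.

    Explorer never displays the .lnk extension (the LNK file type carries
    the NeverShowExt flag), so 'Advisory.pdf.lnk' renders as 'Advisory.pdf'
    even when 'hide known extensions' is turned off.
    """
    name = filename.lower()
    if not name.endswith(".lnk"):
        return False
    stem = name[:-4]
    return any(stem.endswith(ext) for ext in DOC_EXTENSIONS)


def decaret(cmdline: str) -> str:
    """Undo cmd.exe caret escaping so signatures see what cmd.exe executes.

    Outside double quotes '^' escapes the next character ('p^o^w' becomes
    'pow'); inside double quotes it is a literal. A trailing lone '^' is
    dropped.
    """
    out = []
    in_quotes = False
    i = 0
    while i < len(cmdline):
        ch = cmdline[i]
        if ch == '"':
            in_quotes = not in_quotes
            out.append(ch)
        elif ch == "^" and not in_quotes:
            if i + 1 < len(cmdline):
                out.append(cmdline[i + 1])  # keep the escaped character
                i += 1
        else:
            out.append(ch)
        i += 1
    return "".join(out)


# Tokens common in LOLBin / PowerShell download-and-execute chains.
SUSPICIOUS_TOKENS = (
    "powershell", "-encodedcommand", "-enc ", "hidden", "bypass",
    "downloadstring", "mshta", "certutil", "rundll32", "regsvr32",
)


def suspicious_tokens(cmdline: str) -> list:
    """Normalise a raw command line (de-caret, collapse whitespace, lower-case),
    then report which suspicious tokens it contains."""
    norm = re.sub(r"\s+", " ", decaret(cmdline)).lower()
    return [tok for tok in SUSPICIOUS_TOKENS if tok in norm]


URL_RE = re.compile(r"https?://[a-z0-9.-]+(?:/[^\s\"']*)?", re.I)


def find_reversed_urls(blob: str) -> list:
    """Return URLs that only appear once the text is read backwards.

    A sample that stores 'moc.elpmaxe//:sptth' and reverses it at runtime
    defeats a forward-only string scan; scanning the reversed blob as well
    recovers the endpoint. URLs already present forwards are not reported.
    """
    forward = set(URL_RE.findall(blob))
    return [u for u in URL_RE.findall(blob[::-1]) if u not in forward]


if __name__ == "__main__":
    # Constructed samples (hypothetical), not indicators from the report.
    lnk_name = "WhatsApp_Fraud_Advisory.pdf.lnk"
    cmd = 'c^m^d /c p^o^w^e^rs^he^ll -w h^idden -e^nc AAAA'
    strings_dump = 'cfg="nocaeb/ipa/dilavni.elpmaxe.2c//:sptth" rev'
    print(is_masquerading_lnk(lnk_name))   # shortcut posing as a PDF
    print(decaret(cmd))                    # what cmd.exe actually runs
    print(suspicious_tokens(cmd))          # tokens the carets were hiding
    print(find_reversed_urls(strings_dump))  # C2 endpoint recovered
```

Run `decaret` on the raw command line before applying any string-based rule; matching on the caret-laden original is exactly the gap the obfuscation exploits. The reversed-URL scan is cheap enough to run on every strings dump alongside the forward scan.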
Read More: https://securityonline.info/apt-36-uses-fake-whatsapp-fraud-advisory-to-hack-government-systems/