The Bitter APT group launched a sophisticated spear-phishing campaign targeting Pakistan’s telecommunications sector during regional tensions between India and Pakistan. The operation involved stolen credentials and a WmRAT variant to conduct cyber espionage and reconnaissance.

#BitterAPT #WmRAT #PakistanTelecom #OperationSindoor

Key points
- Bitter APT targeted Pakistan Telecommunication Company Limited with spear phishing during a regional conflict.
- The campaign used stolen credentials from Pakistan’s Counter Terrorism Department to enhance access.
- The infection chain used a disguised Excel macro that led to installation of a WmRAT remote access Trojan.
- Communications between malware and C2 servers were encrypted and masked to evade detection.
- The attack aimed to gather signals intelligence, map network infrastructure, and prepare for potential escalation.