New APT Group Dark Pink Steals Confidential Data From APAC Government, Military Bodies
Siemens PLC's serious flaw, Threema's many flaws, Microsoft's 98 new patches, Vice Society's BART files spill, Denmark banks DDoS'ed, Clear's murky vulnerabilities, APT's Fake Shagle app, much more
Researchers at Group-IB attributed attacks targeting government agencies and military bodies in multiple countries in the APAC region to what appears to be a new advanced threat actor they call Dark Pink that leverages custom malware to steal confidential information.
Also known as Saaiwc Group, the group uses a custom toolkit to steal information and spread malware via USB drives. The actor used DLL side-loading and event-triggered execution methods to run its payloads on compromised systems.
Considered an advanced persistent threat (APT), Dark Pink launched at least seven successful attacks between June and December 2022. Group-IB has informed all seven organizations of …