Advertisement
Top
image credit: Rawpixel

SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan

October 24, 2022

Via: The Hacker News
Category:

SideWinder, a prolific nation-state actor mainly known for targeting Pakistan military entities, compromised the official website of the National Electric Power Regulatory Authority (NEPRA) to deliver a tailored malware called WarHawk.

“The newly discovered WarHawk backdoor contains various malicious modules that deliver Cobalt Strike, incorporating new TTPs such as KernelCallBackTable injection and Pakistan Standard Time zone check in order to ensure a victorious campaign,” Zscaler ThreatLabz said.

Read More on The Hacker News

RELATED PUBLICATIONS

Dangerous ICS Malware Targets Orgs in Russia and Ukraine
Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets
TA547 targets German organizations with Rhadamanthys malware

Latest Publications

U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity
Report: Russian Hackers Targeting Ukrainian Soldiers on Apps
iPhone Users Are Being Targeted by MFA Bombs, Here’s What We Know
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!