ShadowPad Compromises Multiple Entities in Pakistan
An unidentified threat actor infiltrated an application used by various entities in Pakistan to distribute ShadowPad, a backdoor commonly associated with Chinese hacking groups.
An application used by multiple organizations in Pakistan became the target of a cyber attack. The attacker used the compromised application to deliver ShadowPad, a successor to the well-known PlugX backdoor. ShadowPad is typically associated with Chinese hacking crews and has been used in previous cyber espionage campaigns.
Targets Included Government Entities, Banks, and Telecommunications Providers
The affected entities include a government entity, a public sector bank, and a telecommunications provider in Pakistan. These organizations were compromised between mid-February 2022 and early March 2022. The specifics of the attack, including the exact method used by the threat actor to compromise the application, have not been disclosed.
Trend Micro Provides Insights
Trend Micro, a cybersecurity company, detected the infections caused by the ShadowPad malware. The company did not provide details about how many organizations were affected or the extent of the damage caused by the compromise. However, the fact that government entities, banks, and telecommunications providers were targeted suggests that the attacker had specific interests in these sectors.
An unidentified threat actor targeted an application used by various entities in Pakistan, such as a government entity, a public sector bank, and a telecommunications provider. The compromised application was used to deliver ShadowPad, a backdoor that is commonly associated with Chinese hacking crews. The exact method used by the attacker to compromise the application has not been revealed. Trend Micro was able to detect the infections caused by ShadowPad but did not provide any specifics regarding the impact of the compromise. This incident highlights the ongoing threat of cyber attacks targeting critical sectors, such as government and finance, and the need for improved cybersecurity measures to protect against such threats.
Original Article: https://thehackernews.com/2023/07/pakistani-entities-targeted-in.html