ShadowPad Attack Targets Multiple Entities in Pakistan

ShadowPad Compromises Multiple Entities in Pakistan

An unidentified threat actor infiltrated an application used by various entities in Pakistan to distribute ShadowPad, a backdoor commonly associated with Chinese hacking groups.

An application used by multiple organizations in Pakistan became the target of a cyber attack. The attacker used the compromised application to deliver ShadowPad, a successor to the well-known PlugX backdoor. ShadowPad is typically associated with Chinese hacking crews and has been used in previous cyber espionage campaigns.

Targets Included Government Entities, Banks, and Telecommunications Providers

The affected entities include a government entity, a public sector bank, and a telecommunications provider in Pakistan. They were compromised between mid-February 2022 and early March 2022. The specifics of the attack, including the exact method the threat actor used to compromise the application, have not been disclosed.

Trend Micro Provides Insights

Trend Micro, a cybersecurity company, detected the infections caused by the ShadowPad malware. The company did not provide details about how many organizations were affected or the extent of the damage caused by the compromise. However, the fact that government entities, banks, and telecommunications providers were targeted suggests that the attacker had specific interests in these sectors.

Summary

An unidentified threat actor targeted an application used by various entities in Pakistan, such as a government entity, a public sector bank, and a telecommunications provider. The compromised application was used to deliver ShadowPad, a backdoor that is commonly associated with Chinese hacking crews. The exact method used by the attacker to compromise the application has not been revealed. Trend Micro was able to detect the infections caused by ShadowPad but did not provide any specifics regarding the impact of the compromise. This incident highlights the ongoing threat of cyber attacks targeting critical sectors, such as government and finance, and the need for improved cybersecurity measures to protect against such threats.

Original Article: https://thehackernews.com/2023/07/pakistani-entities-targeted-in.html

