Advisory: Pahalgam Attack themed decoys used by APT36 to target the Indian Government
NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY :
A Pakistan-linked APT group, Transparent Tribe (APT36), is targeting Indian Government and Defense personnel using 'Pahalgam Terror Attack' themed documents. The campaign involves credential phishing and deployment of malicious payloads, with fake domains impersonating Jammu & Kashmir Police and Indian Air Force. The phishing PDF documents contain embedded links leading to fake login pages. A PowerPoint add-on file with malicious macros has been identified, which drops the Crimson RAT payload. The campaign exploits sensitive geopolitical issues to maximize impact and extract intelligence. Multiple phishing domains were created shortly after the attack, impersonating various Indian government entities. The potential impact includes disruption of sensitive operations, information manipulation, and data breaches.
OPENCTI LABELS :
phishing,crimson rat,geopolitical,pahalgam attack