
Attack On Maritime & Defense Manufacturing

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY:

The DONOT APT group has launched a campaign targeting Pakistan's manufacturing industry supporting maritime and defense sectors. The attack uses a malicious LNK file disguised as an RTF, which executes PowerShell commands to deliver a lure document and stager malware. The malware establishes persistence through scheduled tasks, communicates with command and control servers using encrypted methods, and can download additional payloads. The campaign shows evolution in tactics, including improved encryption and payload delivery methods. The attackers collect detailed system information from victims and can self-delete if instructed. This operation demonstrates the increasing sophistication of APT campaigns and the need for enhanced cybersecurity measures.

OPENCTI LABELS:

apt, powershell, lnk file, encryption, persistence, pakistan, defense, maritime, stager, manufacturing

