Operation Cobalt Whisper: Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan

SUMMARY :

A sophisticated cyber espionage campaign dubbed Operation Cobalt Whisper has been uncovered, targeting various industries in Hong Kong and Pakistan. The threat actor focuses on the defense sector, engineering researchers, and key entities in these regions, using tailored lures related to electrotechnical societies, energy infrastructure, and environmental engineering. The campaign heavily relies on Cobalt Strike for post-exploitation, deploying it through obfuscated VBScript. The attack chain involves malicious LNK files, VBScript, and Cobalt Strike beacons. The operation has been active since May 2024, with over 20 infection chains identified. The threat actor's tactics suggest a methodical approach to cyber-espionage, aiming to compromise sensitive research and intellectual property.

OPENCTI LABELS :

cobalt strike,vbscript,cyber espionage,lnk files,pakistan,engineering,hong kong,defense sector


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Operation Cobalt Whisper: Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan