Malware, Phishing, Threat Intelligence

Updated attack arsenal touted by Patchwork

Share
Patchwork

Organizations across Bhutan have been targeted by suspected Indian state-sponsored threat operation PatchWork in an attack campaign deploying the Brute Ratel C4 framework and an updated PGoShell malware version, both of which are new additions to the group's attack arsenal, The Hacker News reports.

Intrusions conducted by PatchWork, also known as APT-C-09, Zinc Emerson, Dropping Elephant, Viceroy Tiger, and Operation Hangover, commenced with the distribution of a malicious LNK file enabling the download of a fraudulent PDF to conceal compromise with Brute Ratel C4 and PGoShell malware, which facilitates not only screen capturing but also payload retrieval and execution, according to a report from the Knownsec 404 Team. Such a development comes months after PatchWork was reported to be involved in attacks leveraging romance scam lures to infect Android devices in India and Pakistan with the VajraSpy remote access trojan.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.