A Pakistani cyber-espionage group has come under the Indian radar for allegedly trying to attack military and government personnel. The Transparent Tribe group is trying to obtain personal information of military and government officials, the Economic Times reported.
Details of the Espionage Campaign
The group has launched a fake website (clawsindia.com) similar to the official domain (claws.in) for the Centre for Land Warfare Studies (CLAWS). The Centre is an India-based autonomous think tank on strategic studies and land warfare. They recently tried to collect information using this fake domain name.
A senior government official said that the group targets individuals applying to CLAWS for chair of excellence. It is an honorary title for those making outstanding research contributions to strategic studies. In addition, he mentioned:
The victims are encouraged to click on an embedded URL hosted on sharingmymedia.com which then downloads ‘ObliqueRAT’, a trojan which is associated with threat activity targeting entities in South Asia.”
The group primarily selects defence personnel in India using two generic themes; Fake Resume and Topics related to the military. Further, the official said, “The group uses generically themed content-hosting domains in addition to malicious domains masquerading as the legitimate defence-related website.”
You can read our guide on phishing to know more about how to prevent such attacks.