Pages

17 June 2024

Android malware used in six-year Pakistan-linked campaign against Indian government

Jonathan Greig

Hackers allegedly based in Pakistan have used Android-based malware during a six-year campaign targeting India’s government as well as Indian companies connected to the defense and technology sectors.

The campaign is still active, according to researchers at Cisco Talos, and it involves the use of malware named GravityRAT that allows hackers to steal information. In a report released Thursday, the researchers call the campaign “Operation Celestial Force.”

Since 2019, Cisco Talos said it has observed the hackers continually add capabilities to GravityRAT that allow them to exfiltrate device data like the International Mobile Equipment Identity number, phone numbers, network operations, SIM information, and device location.

Cisco previously spotlighted the use of GravityRAT by Pakistani actors against targets in India in 2018.

The malware also lets the hackers read text messages, steal files off the device, read call logs and delete all contacts.

No comments:

Post a Comment