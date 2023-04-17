 GET LIVE MARKET QUOTES & NEWS
Pakistan-aligned threat actor targeting Indian edu sector to keep an eye on research activities: Sentinel Labs researcher

Aihik Sur
Apr 17, 2023 / 03:39 PM IST

Aleksandar Milenkoski, a senior threat researcher at US-based cyber security firm Sentinel Labs, said the threat actor has been luring researchers and institutions with phishing emails that are embedded with malwares

This is not the first time Transparent Tribe has targeted India, according to reports. Earlier, from 2022, cybersecurity research firms have observed Transparent Tribe campaigns earmarking the country's military and education sector.

Pakistan-aligned threat Transparent Tribe has been targeting the Indian education sector, specifically students and research institutions, indicating that these threat actors are keeping a close watch on research activities of other nations, senior threat researcher at Sentinel Labs Aleksandar Milenkoski told Moneycontrol.

A few days back US-based cybersecurity firm Sentinel Labs, which had earlier came out with reports that alleged malware and spyware being planted on activists implicated in Bhima Koregaon case, published another report that claimed that Transparent Tribe has been been targeting the Indian education sector.

The report said the group has been distributing virus-laden documents in emails, and if one clicks on such documents, then Crimson RAT, a malware, gets deployed. They use phishing emails and fake websites to lure in students and research institutions, Milenkoski said.

"If a user is lured into enabling macros or double-clicking an image in a malicious document distributed by Transparent Tribe, the document executes the Crimson RAT. This is the malware of choice for the adversary to establish long-term access to victim networks. Crimson RAT may masquerade as a system update process to make its execution look legitimate," Milenkoski said.