A recently discovered hacking campaign is targeting a range of organizations across the Asia-Pacific region, and one in Europe, as part of a sophisticated effort to steal corporate data and other high-value secrets, researchers with the cybersecurity firm Group-IB said Thursday.
The so-called “Dark Pink” campaign surged in the second half of 2022 and has, to date, been responsible for seven successful attacks, Group-IB researchers Andrey Polovinkin and Albert Priego said in a detailed analysis. Its primary goals seem to be corporate espionage, document theft, sound capture from the microphones of infected devices and data exfiltration from messengers, according to the researchers’ analysis.
The researchers did not attribute the campaign to any group, “making it highly likely that Dark Pink is an entirely new [advanced persistent threat] group,” the researchers said. But another security firm, the Chinese company Anheng Hunting Labs, linked the campaign to a “suspected southeast Asia” in an analysis published Jan. 5, according to a Google translation of its analysis.
Of course, the Asia-Pacific region is home to a variety of ongoing state-aligned cyber activity, representing a wide range of competing interests and agendas. From China to North and South Korea to Taiwan and Vietnam, there is no shortage of ongoing cyber operations run or sponsored by governments targeting each other or domestic entities.
The known Dark Pink attacks that Group-IB analyzed started with an attack on an unnamed religious organization in June 2022 in Vietnam. But the group was likely active at least dating back to May 2021, which is when a Github account the attackers used became active. Other known victims include a Vietnamese nonprofit, an Indonesian governmental organization, two military bodies in the Philippines and Malaysia and government agencies in Cambodia, Indonesia and Bosnia and Herzegovina, the researchers said.
Potentia ..
Support the originator by clicking the read the rest link below.
