Security News > 2023 > January > Dark Pink APT Group Targets Governments and Military in APAC Region

Government and military organizations in the Asia Pacific region are being targeted by a previously unknown advanced persistent threat actor, per the latest research.

Singapore-headquartered Group-IB, in a report shared with The Hacker News, said it's tracking the ongoing campaign under the name Dark Pink and attributed seven successful attacks to the adversarial collective between June and December 2022.

"Dark Pink APT's primary goals are to conduct corporate espionage, steal documents, capture the sound from the microphones of infected devices, and exfiltrate data from messengers," Group-IB researcher Andrey Polovinkin said, describing the activity as a "Highly complex APT campaign launched by seasoned threat actors."

The Dark Pink campaign further stands out for employing multiple infection chains, wherein the phishing messages contain a link to a booby-trapped ISO image file to activate the malware deployment process.

Another custom malware is ZMsg, a.NET-based application that allows Dark Pink to harvest messages sent via messaging apps such as Telegram, Viver, and Zalo.

"The use of an almost entirely custom toolkit, advanced evasion techniques, the threat actors' ability to rework their malware to ensure maximum effectiveness, and the profile of the targeted organizations demonstrate the threat that this particular group poses," Polovinkin said.

News URL

https://thehackernews.com/2023/01/dark-pink-apt-group-targets-governments.html