Security News > 2023 > May > Dark Pink hackers continue to target govt and military organizations
The Dark Pink APT hacking group continues to be very active in 2023, observed targeting government, military, and education organizations in Indonesia, Brunei, and Vietnam.
Despite the previous exposure by Group-IB, Dark Pink has not shown any signs of slowing down, and the company says it identified at least five attacks perpetrated by the group following the publication of the previous report.
In the recent attacks, Dark Pink showcased a revamped attack chain, implemented different persistence mechanisms, and deployed new data exfiltration tools, likely attempting to dodge detection by distancing their operations from publicly available IoCs.
Dark Pink attacks continue to rely on ISO archives sent via spear-phishing for initial infection, which employs DLL side-loading to launch its signature backdoors, 'TelePowerBot' and 'KamiKakaBot.
Most likely, the attackers will continue to update their tools and diversify their methods as much as possible.
Tencent QQ users hacked in mysterious malware attack, says ESET. GoldenJackal state hackers silently attacking govts since 2019.