Pak-based hacking group targeted Indians, including military personnel via FB, Insta: Meta

A Pakistan-based hacking group has targeted people in India, including military personnel making as many as 120 accounts on Facebook and Instagram, revealed a report by Meta.

The Facebook parent company in a report said, “We took action against about 120 accounts on Facebook and Instagram linked to a hacking group in Pakistan that predominantly targeted people in India and Pakistan, including military personnel in India and among the Pakistan Air Force.”

“Our investigation connected it to state-linked actors in Pakistan,” the report added.

Though the group’s activity was “relatively low in sophistication”, it was “persistent and targeted” several services across the internet, Meta said.

How Pakistani hackers targeted Indians?

Meta said that the hacking group of Pakistan relied heavily on a web of attacker-controlled websites to distribute malware through highly targeted campaigns aimed to trick people into clicking on

malicious links and downloading Android or Windows malware.

Meta highlights ‘new & noteworthy tactics’ used by Pakistani hackers

Social engineering and fake personas: Meta said that the Pakistani hacker group used fictitious personas in an attempt to buy confidence and trust of people they targeted.

The members of the hacker group posed as recruiters for legitimate as well as fake defence companies and governments, military personnel, journalists and even women to make a romantic connection.

Fake apps and websites delivering malware: To host and deliver their malware, this group used custom applications and infrastructure. They passed on some of these domains masqueraded as file storing and sharing services or recruiting-related websites. For this, they used file sharing sites such as Dropbox and Google Drive.

It also ran non-malicious custom desktop apps for Windows that were likely used to send malware directly to targets, Meta said.

Malware: Meta said that this Pakistan-based group has been famous in the security industry as a prolific user of GravityRAT, a low-sophistication malware family capable of gathering sensitive user data.  They added some resilience to their command-and-control infrastructure to enable their malware to operate when existing infrastructure goes down or gets exposed.

Read all the Latest News, Trending News, Cricket News, Bollywood News,
India News and Entertainment News here. Follow us on Facebook, Twitter and Instagram.