Newly identified advanced persistent threat group Dark Pink has launched seven successful cyberattacks against various government and military organizations in the Asia-Pacific region from June to December, according to The Hacker News.
Although Dark Pink is believed to have emerged in mid-2021, it only stepped up its intrusions a year later, using a novel custom toolkit for data exfiltration, a report from Group-IB revealed.
"Dark Pink APT's primary goals are to conduct corporate espionage, steal documents, capture the sound from the microphones of infected devices, and exfiltrate data from messengers," said Group-IB researcher Andrey Polovinkin.
Aside from utilizing spear-phishing emails and the Telegram API in its attacks, Dark Pink has also been hosting malicious modules through a single GitHub account since May 2021.
Dark Pink has also employed various infection chains in the latest campaign, which is believed to result in the distribution of the KamiKakaBot and TelePowerBot payloads.
"The threat actors behind this wave of attacks were able to craft their tools in several programming languages, giving them flexibility as they attempted to breach defense infrastructure and gain persistence on victims' networks," said Polovinkin.