Indian Air Force potentially targeted with info-stealing malware

From therecord.media

Researchers have uncovered a new espionage campaign potentially targeting the Indian Air Force with information-stealing malware.

The unidentified threat actor sent phishing emails to its targets with a link to a malicious .zip file supposedly containing data about Su-30 fighter jets. India approved the procurement of these jets last year to bolster its ongoing defense modernization efforts.

β€œThe hackers appear to be exploiting this event to target Indian Air Force professionals,” researchers at the cybersecurity firm Cyble said.

The delivered malware is a variant of a Go Stealer, based on open-source malware found on GitHub. However, it includes additional features, such as targeting a variety of browsers β€” Firefox, Google Chrome, Edge, and Brave β€” and exfiltrating data using Slack.

Read more…