You must Register or Sign in to your Cyware account to perform this action
×Once you are logged in, you will be able to:
Customize your feeds by selecting categories you like
Comment on or Like an article
Receive the latest security stories, trends, and insights in your inbox
Build your profile and login across multiple devices
Bookmark a story and read it later
- Home
- Hacker News
- Threat Actors
- Operation Shaheen: New APT White Company hits Pakistani military with a long-term cyberespionage campaign

Operation Shaheen: New APT White Company hits Pakistani military with a long-term cyberespionage campaign
Operation Shaheen: New APT White Company hits Pakistani military with a long-term cyberespionage campaign- November 14, 2018
- |
- Threat Actors
/https://cystory-images.s3.amazonaws.com/shutterstock_552417847.jpg)
- The campaign is the work of a previously unknown APT group called The White Company.
- Experts believe The White Company is likely a state-sponsored group and has access to zero-day exploits.
The Pakistani military has fallen victim to a year-long cyberespionage campaign that experts believe is still ongoing. The campaign, dubbed Operation Shaheen, is believed to be the work of a previously unknown APT group called The White Company. Experts believe The White Company is likely a state-sponsored group and has access to zero-day exploits.
According to security researchers at Cylance, who tracked Operation Shaheen, White Company targeted officers in the Pakistani Air Force with a phishing attack that distributed remote access trojans (RATs) and other malware payloads.
What is more, researchers said that they found no errors committed by the group that may have revealed its members’ true identity. This indicates that the threat group is highly sophisticated and careful to ensure that it leaves to traces of its identity.
“We have observed The White Company evolve, modify, and refine both its exploits and its malware. They craft advanced tools that are mission-specific and tailored to esoteric target environments,” Cylance researchers said in a report. “We’ve witnessed The White Company go to unusual lengths to ensure stealth. In this campaign, we watched them turn eight different antivirus products against their owners.”
It is still unclear whether the targets fell for the phishing lures and whether The White Company was capable of successfully infiltrating systems and exfiltrating sensitive data.
“We call this threat actor The White Company in acknowledgment of the many elaborate measures they take to whitewash all signs of their activity and evade attribution,” Cylance researchers added. “Perhaps the most significant of contradictions exposed by Cylance’s research is that the threat of state-sponsored cyber espionage has already arrived on Pakistan’s doorstep — a reality which appears to have just dawned on the Pakistanis themselves, at least in public discourse.”
- + Aware
Get such articles in your inbox
News
-
Previous News HookAds malvertising campaign found distributing malware via Fallout Exploit kit
- November 14, 2018
- |
- Malware and Vulnerabilities
-
Next News Google services were down for over an hour after its traffic was hijacked by a Nigerian ISP
- November 14, 2018
- |
- Breaches and Incidents
Popular News
Related News
Categories
Get such articles in your inbox
News
-
Previous News HookAds malvertising campaign found distributing malware via Fallout Exploit kit
- November 14, 2018
- |
- Malware and Vulnerabilities
-
Next News Google services were down for over an hour after its traffic was hijacked by a Nigerian ISP
- November 14, 2018
- |
- Breaches and Incidents
Popular News
Related News
Categories
