cybersecurity threats have escalated as hackers continue to evolve their techniques to infiltrate sensitive data; one such alarming trend is the rise of fake email attacks, specifically aimed at targeting civil and military officials.

In the ongoing cyber warfare between India and Pakistan, the latest development highlights the activities of Pakistani hackers targeting Indian users. These threat actors, operating under the name “SpaceCobra,” have been focusing on compromising WhatsApp backups and extracting critical data from targeted devices.

The Sophisticated GravityRAT Malware

Recently, cybersecurity researchers at ESET uncovered two seemingly innocent messaging applications called BingeChat and Chatico, which were found to distribute the GravityRAT remote access trojan (RAT). This advanced malware possesses the capability to extract various sensitive information from compromised endpoints, including call logs, contact lists, SMS messages, device location, and basic device information. It also targets specific file extensions for pictures, photos, and documents.

What sets GravityRAT apart is its unique distribution method. Unlike typical malware apps found on app stores, BingeChat and Chatico cannot be downloaded from any official platforms. Instead, users must visit a specific website and create an account to acquire these applications. This deliberate complexity adds an additional layer of difficulty to the infection process, making it harder to detect and combat.

Pakistani Hackers Targeting Indian Users with Precise Attacks

Researchers from ESET discovered that the majority of victims targeted in this campaign are based in India, aligning with the country’s widespread use of WhatsApp. The hackers behind SpaceCobra, originating from Pakistan, have exhibited precise targeting and a deliberate and selective approach. Registration on their website is closed, suggesting they may target certain locations or IP addresses with their attacks. The campaign’s longevity is worth noting, as it has been active for over a year, indicating a sustained effort by the threat actors.

Also read: Pakistani Hackers Run Respect Holy Prophet Ticker on Indian news Channel Time8


Please enter your comment!
Please enter your name here