"Cyber Espionage Campaign Targets Government, Energy Entities in India"

A phishing campaign called "Operation FlightNight" involves phishing lures disguised as invitation letters from the Indian Air Force. The malicious campaign has targeted Indian government entities, including agencies for electronic communications, Information Technology (IT) governance, and national defense. The phishing emails carry an ISO file containing malware as well as a shortcut file (LNK) appearing to be the PDF invitation letter. When opened, it executes the hidden malware while displaying a decoy document that was most likely stolen in a previous intrusion and repurposed. The malware, which is a modified version of the open source information stealer "HackBrowserData," extracts documents and web browser data from the victim's machine, including login credentials, cookies, and browsing history. This article continues to discuss findings regarding the Operation FlightNight phishing campaign.

Security Week reports "Cyber Espionage Campaign Targets Government, Energy Entities in India"

Submitted by grigby1

Submitted by Gregory Rigby on