"Bad News for Hackers! Patchwork Group Expose Themselves in Malware Campaign"

However sophisticated and resourceful cybercriminals can be, they still make mistakes. The India-based threat actor group called Patchwork, which has targeted users and government organizations in Pakistan, accidentally left its hacking strategies exposed online. Since 2015, Patchwork has affected various entities in Pakistan through the performance of spearphishing attacks. According to Malwarebytes, the attackers inadvertently exposed their malware details, captured keystrokes, and screenshots. Patchwork was found to have used malicious RTF files to drop a new variant of the BADNEWS Trojan dubbed Ragnatela in a campaign that lasted from late November to early December 2021. This article continues to discuss the Patchwork group's accidental exposure of its own hacking strategies, the group's use of Ragnatela in its recent campaign, the capabilities of this Trojan, and those that have fallen victim to it. 

CISO MAG reports "Bad News for Hackers! Patchwork Group Expose Themselves in Malware Campaign"