Confucius Uses Pegasus Spyware-related Lures to Target Pakistani Military

Trend Micro


APT & Targeted Attacks

While investigating the Confucius threat actor, we found a recent spear phishing campaign that uses Pegasus spyware-related lures to entice victims into opening a malicious document that downloads a file stealer.

The ’s spyware spurred a collaborative investigation that found that it was being used to target high-ranking individuals in 11 different countries.

In this blog entry, we take a look at the lures used by the malicious actor and provide a short analysis of the file stealer used in the campaign, which was launched in early August.

The contents of the spear phishing email

The campaign involves a two-step . During the first phase, an email that carries no malicious payload and contains content copied from a legitimate Pakistani newspaper’s article is sent to the target. The

Read More: https://www.trendmicro.com/en_us/research/21/h/confucius-uses-pegasus-spyware-related-lures-to-target-pakistani.html