Researchers Reveal More Details About SideCopy, the Pakistani Threat Actor Group

A hacking group from Pakistan managed to steal sensitive Facebook, Twitter, and Google credentials. Its targets appear to have been Afghan ministries and a shared government computer in India. As a result, the group could covertly access government portals using stolen credentials obtained through social engineering techniques.

About the Pakistani Threat Actor Group

Facebook, now known as Meta, announced last week an action it took in August against a Pakistani threat actor dubbed SideCopy. The company took steps to mitigate SideCopy's activities on the platform, as the group was using romance lures to target some Afghan individuals. The announcement included this declaration:

Today, we are sharing actions we’ve taken against four distinct groups of hackers in Pakistan and Syria over the past several months. To disrupt these malicious groups, we disabled their accounts, blocked their domains from being posted on our platform, shared information with our industry peers, security researchers, and law enforcement, and alerted the people who we believe were targeted by these hackers.

The group from Pakistan — known in the security industry as SideCopy — targeted people who were connected to the previous Afghan government, military, and law enforcement in Kabul.

Source

The researchers from Malwarebytes published

Read More: https://heimdalsecurity.com/blog/sidecopy-pakistani-threat-actor-group-targets-afghan-governments/