Spear Phishing Campaign Targets Southeast Asia

New Tactic Clone PhishingResearchers at Group-IB are tracking a previously unknown threat actor dubbed “Dark Pink” that’s using spear phishing attacks to target government, military, and religious organizations. Most of the attacks were focused on countries in Southeast Asia, though one of them targeted an entity in Bosnia and Herzegovina.

“A large part of the success of Dark Pink was down to the spear-phishing emails used to gain initial access. In one such attack, Group-IB was able to find the original email sent by the threat actors,” the researchers write. “In this one instance, the threat actor posed as a job applicant applying for the position of PR and Communications intern. In the email, the threat actor mentions that they found the vacancy on a jobseeker site, which could suggest that the threat actors scan job boards and use this information to create highly relevant phishing emails.”

The spear phishing emails were designed to trick employees into downloading an ISO file containing malware.

“The emails contain a shortened URL linking to a free-to-use file sharing site, where the victim is presented with the option to download an ISO image that contains all the files needed for the threat actors to infect the victim’s network,” Group-IB says. “During our investigation into Dark Pink, we discovered that the threat actors leveraged several different ISO images, and we also noted that the documents contained in these ISO images varied from case to case. According to the information available to us, we strongly believe that the Dark Pink threat actors craft a unique email to each victim, and we do not discount that the threat actors can send the malicious ISO image as a direct attachment to the victim via email.”

New-school security awareness training can give your employees a healthy sense of suspicion so they can thwart targeted social engineering attacks.

Group-IB has the story.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews