Russian cybersecurity company identifies new hacker group, Dark Pink
Group-IB characterizes Dark Pink as an advanced persistent threat for targeting high-profile organizations (military and government) ranging from Eastern Europe to the Asia Pacific.
Russian cybersecurity company Group-IB identified Dark Pink as the perpetrator of the cyber attacks against seven high-profile targets, including government and military institutions in Southeast Asia and Europe from June to December 2022.
"This new APT [advanced persistent threat] group is notable due to their specific focus on attacking branches of the military, and government ministries and agencies. Group-IB discovered that, as of December 2022, Dark Pink APT breached the security defenses of six organizations in five APAC [Asia-Pacific] countries (Cambodia, Indonesia, Malaysia, Philippines, and Vietnam), and one organization in Europe (Bosnia and Herzegovina)," the company said in a statement on Wednesday.
Group-IB characterized Dark Pink as an advanced persistent threat for targeting high-profile organizations (military and government) ranging from Eastern Europe to the Asia Pacific: Cambodia, Indonesia, Malaysia, Philippines, Vietnam, and Bosnia-Hegrezovenia. Group IB also registered an unsuccessful attack on a European organization in Vietnam.
The main objective of Dark Pink, according to Group-IB, is "corporate espionage".
The group bypasses security by sending Trojan horse emails with ambiguous URLs. A file would be downloaded to the device after being activated by clicking on the URL, which would then collect personal information including passwords, browser history, and social media data.