Sentinel Labs has recently published an advisory on an APT group called ModifiedElephant. According to the article, ModifiedElephant has been targeting activists, human rights defenders, journalists, academics and law professionals in India by placing incriminating files on their devices that were later used as evidence of terrorism and justification of imprisonment.
ModifiedElephant’s modus operandi is to infect their targets via a spear phishing email comprising a malicious file attachment, primarily a Microsoft Office document that is weaponized to install and run a malware on the victims’ devices.
This is an interesting attack objective and a worrying scenario. In today’s times, it is imperative to remain cyber aware and cyber vigilant. Raising our awareness levels against such attacks and techniques is the only way to protect ourselves.
Xybr has created multiple games that focus on raising awareness on techniques to identity a phishing email when employees receive one.
Here’s a link to the full advisory from Sentinel Labs.
Leave a Reply