 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
APT group: Dark Pink| Names | Dark Pink (Group-IB) Saaiwc Group (Anheng Hunting Labs) | |
| Country | [Unknown] | |
| Motivation | Information theft and espionage | |
| First seen | 2022 | |
| Description | (Group-IB) Group-IB, one of the global cybersecurity leaders, has today published its findings into Dark Pink, an ongoing advanced persistent threat (APT) campaign launched against high-profile targets in Cambodia, Indonesia, Malaysia, Philippines, Vietnam, and Bosnia and Herzegovina that we believe, with moderate confidence, was launched by a new threat actor. To date, Group-IB’s Threat Intelligence has been able to attribute seven successful attacks to this particular group from June-December 2022, with targets including military bodies, government ministries and agencies, and religious and non-profit organizations, although the list of victims could be significantly longer. Group-IB also noted one unsuccessful attack on a European state development body based in Vietnam. | |
| Observed | Sectors: Defense, Education, Government, Non-profit organizations. Countries: Belgium, Bosnia and Herzegovina, Brunei, Cambodia, Indonesia, Malaysia, Philippines, Thailand, Vietnam. | |
| Tools used | Ctealer, Cucky, KamiKakaBot, PowerSploit, TelePowerBot, ZMsg, Living off the Land. | |
| Operations performed | Feb 2023 | Dark Pink APT Group Strikes Government Entities in South Asian Countries <https://blog.eclecticiq.com/dark-pink-apt-group-strikes-government-entities-in-south-asian-countries> |
| Information | <https://www.group-ib.com/media-center/press-releases/dark-pink-apt/> <https://www.group-ib.com/blog/dark-pink-episode-2/> | |
Last change to this card: 10 March 2024
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |