How does Transparent Tribe work?
Transparent Tribe, also known as APT36, ProjectM, Mythic Leopard or Earth Karkaddan, has been active since 2013. It is a cyber surveillance group that operates from Pakistan and has previously conducted cyber espionage campaigns against India's education and defense sectors. Transparent Tribe primarily uses phishing emails, preferring ZIP archives or links as the delivery method.
The BlackBerry Research and Intelligence team found that the group was using tools from its previous campaigns alongside new, updated versions of them. The research also revealed a remote IP address, hidden in a phishing email, that is associated with a Pakistan-based mobile data network operator. In one of the files sent by the group, the time zone (TZ) variable was set to Asia/Karachi, which is Pakistan's standard time.
Alongside its well-known methods, Transparent Tribe is also adopting new ones. In October 2023, the group used ISO images as a method of attack. BlackBerry has also detected a new Golang-compiled, all-in-one spying tool used by the group, which can search for and extract files with popular file extensions, take screenshots, upload and download files, and run commands.