Phishing Attack: Deploying Malware on Indian Defense BOSS Linux

· Published 08/08/2025 17:08 · Modified 10/08/2025 21:44

Essential information

Tags
.desktop file, 2025-08-08, apt36, boss linux, boss.elf, cyber espionage, elf binary, indian defense, phishing, transparent tribe
Related entities
8 observables, 1 intrusion sets (apt), 4 techniques (mitre), 3 others

Description

APT36, a Pakistan-based threat actor, has launched a sophisticated cyber-espionage campaign targeting the Indian defense sector. The group has adapted its tactics to focus on Linux-based environments, particularly BOSS Linux, used by Indian government agencies. The attack involves emails with a ZIP file containing a malicious .desktop file. When executed, it downloads a legitimate PowerPoint file as a decoy while simultaneously deploying a malicious ELF binary. This multi-stage approach aims to bypass user suspicion and evade traditional security measures. The campaign signifies an advancement in APT36's capabilities and poses an increased risk to critical government and defense infrastructure. Organizations using Linux-based systems are advised to implement robust cybersecurity controls and threat detection mechanisms to mitigate potential risks.

External references