The Dark Pink Hackers Group Targeting Military & Government Organizations



Security researchers at Group IB analyzed recent attacks that target military, government, and education organizations.

The hacker group is seemingly still active in 2023 and has been conducting activities.

The hacker group was first exposed in January 2023, but that hasn't slowed it down as it continues to conduct campaigns.

There have been additional breaches against the institutions in different parts of the world.

The hackers carried out several commits on the repository throughout  2023, mostly to add or upgrade malware.

The threat actors use a private GitHub repository to host extra modules downloaded by the malicious malware.

In addition to this, the backdoor can also download and carry out arbitrary scripts on the compromised device.

The hacker group displayed variations in its data exfiltration process and is going beyond the ZIP archive.

Read the full story here.