A criminal hacking group concentrated in Pakistan has in recent months carried out a string of attacks on American, British, Russian, and Spanish governmental organizations, according to new research from cybersecurity company Palo Alto Networks.
The hacking collective known as the Gorgon Group “has been performing criminal operations against targets across the globe, often using shared infrastructure with their targeted attack operations,” Palo Alto Networks’ threat intelligence arm, Unit 42, said in a blog post Thursday.
The group has been targeting foreign government agencies operating in Pakistan, partly through malware-laced Microsoft Word documents, the researchers found. “The spear phishing emails involved in this campaign would most often originate from Gmail accounts masquerading as legitimate individuals, such as a prominent lieutenant colonel in the Pakistani military,” they wrote. It is unclear if the attackers are all based in Pakistan, but they claim to be through online personas, according to the research.