WebsiteGear Logo Log In
New User? Sign Up
About | Contact | FAQ
HOME ACCOUNT PRODUCTS NEWS ARTICLES DIRECTORY CLASSIFIEDS FORUMS TOOLS
* Find Web Hosting Deals on WebsiteGear Classifieds !
  Home News Technology Internet Security Saturday, May 17, 2025 
Add Press Release News | News Feeds Feeds | Email This News Email


Lumen Black Lotus Labs issues important report on suspected Pakistani threat actor targeting victims in South and Central Asia
Thursday, June 24, 2021

Actor's capabilities appear to be growing with execution of new, custom-developed framework

DENVER, June 22, 2021 /PRNewswire/ -- Black Lotus Labs, the threat intelligence arm of Lumen Technologies (NYSE: LUMN), today released a detailed report about a suspected Pakistani threat actor that executed a custom-developed framework to compromise multiple targets in South Asia, including a power company in India.

In the report, Black Lotus Labs details how it detected a new remote access trojan (RAT) it's calling ReverseRat - which was deployed in parallel with an open-source RAT called Allakore - to infect machines and achieve persistence. Based on the team's global telemetry and analysis, it determined that the actor is targeting government and energy organizations in the South and Central Asia regions, and it has operational infrastructure hosted in Pakistan.

Threat Assessment

    --  The ReverseRat infection chain is noteworthy because of the steps it
        takes to avoid detection and the critical nature of the targeted
        entities.
    --  While this threat actor's targets have thus far remained within the
        South and Central Asian regions, they have proven effective at gaining
        access to networks of interest.
    --  Black Lotus Labs assesses that as this actor continues to develop its
        capabilities and refine its multi-step infection processes, it could
        pose a real threat to organizations in and beyond these regions.

Black Lotus Labs Response

    --  To combat this campaign, Black Lotus Labs null-routed the actor's
        infrastructure across the Lumen global IP network and notified the
        affected organizations.
    --  Black Lotus Labs continues to follow this threat group to detect and
        disrupt similar compromises, and it encourages other organizations to
        monitor for and address this and similar campaigns in their
        environments.
    --  Black Lotus Labs is committed to tracking adversary groups such as this
        and documenting their tradecraft to proactively help defenders.

Recommendations
Given the nature of the critical sectors the actor is targeting and the low rate of detection, Black Lotus Labs advises security practitioners to learn the actor's current tactics, tools and procedures (TTPs) to better defend their organizations against potential attacks.

For additional IOCs such as file hashes associated with this campaign, and for this threat actor's larger activity cluster, please visit the Black Lotus Labs blog.

Anyone interested in collaborating on similar research can contact Black Lotus Labs on Twitter @BlackLotusLabs.

About Lumen Technologies:
Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With approximately 450,000 route fiber miles and serving customers in more than 60 countries, we deliver the fastest, most secure platform for applications and data to help businesses, government and communities deliver amazing experiences.

Learn more about the Lumen network, edge cloud, security, communication and collaboration solutions and our purpose to further human progress through technology at news.lumen.com/home, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies. Lumen and Lumen Technologies are registered trademarks in the United States.

View original content to download multimedia:http://www.prnewswire.com/news-releases/lumen-black-lotus-labs-issues-important-report-on-suspected-pakistani-threat-actor-targeting-victims-in-south-and-central-asia-301316843.html

SOURCE Lumen Black Lotus Labs



Email This News Email | Submit To Slashdot Slashdot | Submit To Digg.com Digg | Submit To del.icio.us Del.icio.us | News Feeds Feeds

RELATED NEWS ARTICLES
Nav Indusface redefines WAAP user experience with industry-first innovations in AppTrana | Mar 28, 2025
Nav EXECUTIVE PRODUCER BRADLEY COOPER'S FILM CAREGIVING TO PREMIERE ON PBS FOR NATIONWIDE BROADCAST JUNE 24 STREAMING BEGINS MAY 27 | Mar 28, 2025
Nav Trend Micro Launches Voice-Enabled ScamCheck Capability to Help Protect Consumers from the Rising Threat of Global Scams | Mar 28, 2025
Nav Splitit Unveils First Fully Embedded White-Label Installment Solution for Shopify Merchants | Mar 28, 2025
Nav /C O R R E C T I O N -- Bell Canada (MTL)/ | Mar 28, 2025
Nav Keeper Security Unveils Latest WearOS App for Seamless Password Management | Mar 28, 2025
Nav Leading Endpoint Protection Solutions for Combatting Cyberthreats Identified in Info-Tech Research Group's New Emotional Footprint Report | Mar 28, 2025
Nav Hornetsecurity named Top Player in Radicati's Secure Email - Market Quadrant 2025 | Mar 28, 2025
Nav Ontinue Research Reveals Ransomware Attacks Surged 132% Despite 35% Drop in Payments | Mar 28, 2025
Nav Identity Theft After a Data Breach? Legal Action May Recover Your Losses | Console & Associates | Mar 28, 2025
NEWS SEARCH
Survey Software
Survey Software
Click Tracking Software
Click Tracking
Poll Software
Poll Software
Rating Software
Rating Software
FEATURED NEWS | POPULAR NEWS
Submit News | View More News View More News
Copyright © 2003-2025 WebsiteGear Inc. All rights reserved. WEBSITEGEAR® is a registered trademark of WebsiteGear Inc.