Analysis Of Targeted Attack Against Pakistan By Exploiting InPage Vulnerability And Related APT Groups
released on 2018-11-29 @ 06:12:58 PM
Recently, 360 Threat Intelligence Center found a series of targeted attacks against Pakistan targets. Attacker exploited one vulnerability (CVE-2017-12824) of InPage to craft bait documents (.inp). InPage is a word processing software designed specifically for Urdu speakers (official language in Pakistan). In addition, Office documents with CVE-2018-0798 vulnerability were also used in the attack. Kaspersky disclosed one target attack in which InPage vulnerability was exploited in November 2016 . However, first attack by using such software vulnerability can be traced back to June 2016.