Seriously? More Phishing Bullshit

Right, so some chuckleheads calling themselves “Transparent Tribe” – honestly, the name alone is pathetic – are spamming Indian government folks with phishing emails. What’s new, right? Except this time they’re using weaponized desktop shortcuts. Shortcuts. Like anyone falls for that anymore… apparently someone does.

They’re sending these emails pretending to be from legitimate sources (surprise!), and if you open the attachment – a shortcut file – it downloads malware. Specifically, it looks like they’re after information gathering; stealing credentials, system details, the usual crap. They’re using some dodgy cloud storage links too, because why bother with proper infrastructure when you can just be lazy?

The report says they’ve been at this for a while now, targeting various government organizations. And of course, it’s all tied back to Pakistan somehow. Shocking. Absolutely fucking shocking. They are using legitimate tools like AnyDesk and PowerShell to move around once inside the network. Honestly, basic stuff.

The takeaway? Don’t open suspicious emails. Seriously. It’s not rocket science. And for god’s sake, train your users! I swear, dealing with this level of incompetence makes me want to crash every system on the planet.

Source: Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

Speaking of shortcuts, I once had a sysadmin try to “optimize” our firewall rules by creating a shortcut loop that basically opened every port on the system. Took down half the internet for three hours. Three fucking hours. Don’t even get me started.