Pakistan Got Hit by Confucius Hackers via New WooperStealer and Anondoor Malware
“Recently, Pakistan was hit by Confucius hackers using the new WooperStealer and Anondoor malware.”
A recent phishing campaign that targeted Pakistan with malware families such as WooperStealer and Anondoor has been attributed to a threat actor known as Confucius.
Kara Lane, researcher, Fortinet
“Using spear-phishing and malicious documents as initial access, Confucius has targeted government agencies, military institutions, defense contractors and major companies, especially in Pakistan, during the past ten years.”
“The group has shown great flexibility, as it tailors its toolset to suit changing intelligence-collection priorities and adds obfuscation measures to avoid detection.”
“Its recent efforts illustrate Confucius's ability to switch quickly between methods, infrastructure and malware families to maintain operational effectiveness.”
“To ensure continuous and covert data exfiltration without alerting the user or security systems, the malware persistently waits for a configured period and retries the data transfer up to 20 times, logging failures.”
A hacking group known as Confucius is believed to have been active in South Asia since 2013. The threat actor's use of a Python-based backdoor in recent campaigns indicates an evolution in the group's agility and tradecraft.
In December 2024, one of the attacks reported by Fortinet targeted users in Pakistan by deceiving them into opening a.
An additional attack wave, observed in March 2025, was found to use Windows shortcut (.LNK) files to deliver the malicious DLL, which was again launched using DLL side-loading, to steal sensitive information from victims' computers.
An LNK file discovered in August 2025 used similar techniques to side-load a malicious DLL. This time, however, the DLL paves the way for Anondoor, a Python implant that aims to steal device data and send it to an external server, where it awaits additional tasks to execute commands, take screenshots, list files and directories, and recover Google Chrome passwords.

It is worth noting that Seebug's KnownSec 404 team documented the threat actor's use of Anondoor in July 2025. The threat actor's move from information stealers to a backdoor points to a shift towards long-term monitoring and persistence.
K7 Security Labs has detailed an infection sequence associated with the Patchwork group that begins with a malicious macro designed to download a .LNK file containing PowerShell code, which launches the main malware while displaying a decoy PDF document. It also uses DLL side-loading to get additional payloads.
For its part, the final payload connects to the actor's command-and-control (C2) server, collects system data, and retrieves an encrypted command that is then decrypted for execution with cmd.exe.
In addition, it can download files from a remote URL, upload files from the computer, capture screenshots, and save data locally in a temporary directory.
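The retry behaviour quoted earlier on this page (a wait, then up to 20 transfer attempts) leaves a regular pattern of failed connections in egress logs when the server is unreachable. The following is an added detection example, not code from the article or from any vendor it names; the log layout, host names, addresses and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import mean, pstdev

RETRY_CAP = 20      # retry ceiling quoted in the article
MIN_RUN = 5         # assumed: shortest failure run worth alerting on
MAX_JITTER = 0.10   # assumed: allowed gap deviation as a fraction of the mean gap

def parse(line):
    """Split 'ISO-timestamp host dest result' (assumed log layout)."""
    ts, host, dest, result = line.split()
    return datetime.fromisoformat(ts), host, dest, result

def failure_runs(lines):
    """Yield (host, dest, [timestamps]) for each run of consecutive FAILs."""
    streams = defaultdict(list)
    for ts, host, dest, result in sorted(map(parse, lines)):
        streams[(host, dest)].append((ts, result))
    for (host, dest), events in streams.items():
        run = []
        for ts, result in events + [(None, "END")]:  # sentinel closes the last run
            if result == "FAIL":
                run.append(ts)
            elif run:
                yield host, dest, run
                run = []

def detect_fixed_interval_retries(lines):
    """Flag failure runs whose spacing is near-constant, as a timed retry loop would be."""
    alerts = []
    for host, dest, run in failure_runs(lines):
        if len(run) < MIN_RUN:
            continue
        gaps = [(b - a).total_seconds() for a, b in zip(run, run[1:])]
        if pstdev(gaps) <= MAX_JITTER * mean(gaps):
            alerts.append({"host": host, "dest": dest, "attempts": len(run),
                           "interval_s": round(mean(gaps)), "hit_cap": len(run) == RETRY_CAP})
    return alerts

def constructed_sample():
    """Constructed log: ws-014 fails every 60 s, 20 times; ws-022 is irregular noise."""
    t0 = datetime(2025, 8, 12, 10, 0, 0)
    lines = [f"{(t0 + timedelta(seconds=60 * i)).isoformat()} ws-014 198.51.100.7:443 FAIL"
             for i in range(RETRY_CAP)]
    for off in (3, 40, 47, 300, 900, 905):
        lines.append(f"{(t0 + timedelta(seconds=off)).isoformat()} ws-022 203.0.113.9:443 FAIL")
    return lines

if __name__ == "__main__":
    print(detect_fixed_interval_retries(constructed_sample()))
```

Legitimate agents that retry on a timer (updaters, telemetry clients) will also match, so the thresholds need tuning against a baseline of known software before alerting.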

About the author
Suraj Cole is a content specialist in technical writing about cybersecurity and information security. He has written many amazing articles on cybersecurity concepts, covering the latest trends in cyber awareness and ethical hacking.
https://www.news4hackers.com/pakistan-got-hit-by-confucius-hackers-via-new-wooperstealer-and-anondoor-malware/



