T-Eye Threat Intelligence Report for The Month of July 2016


The best way to protect against threats is to identify them proactively and astutely before they hit your network. Trillium Information Security Systems is extremely proud to present the July edition of the T-Eye Threat Intelligence Report, which presents unique threats being seen in Pakistan's cyberspace. This report will guide all concerned stakeholders in Pakistan in protecting their networks proactively to ensure continuous business flow. The major sets of attacks recently discovered in Pakistan by global teams and TISS' research and IR teams are summarized as follows:

Information Stealers

Malware that steals credential-based information stored in email clients, browsers and FTP clients has been constantly on the rise. Most of this malware is sent to users via email attachments. Once the attachment is opened, the malware steals information related to stored credentials and sends it to the attacker.


Ransomware

Ransomware is constantly affecting Pakistan-based organizations, with the key motive of encrypting the data of targeted organizations and individuals and rendering it useless until a hefty ransom is paid for decryption. There has been an exponential increase in the number of ransomware attacks since 2015, and prevention of this threat is highly recommended at all layers. In recent ransomware attacks, it has been noted that the malware also steals personal information of the target.

This report has been compiled using our advanced threat intelligence gathering platform, consisting of sensors like honeypots, web crawlers and aggregators deployed throughout Pakistan. The information obtained from these sensors is then enriched by extensive correlation with different sources. Our aim in releasing these monthly reports is to enable all stakeholders in Pakistan to keep abreast of ongoing threats and remain vigilant in protecting their networks from potential attacks. TISS will soon make these threat feeds available to Pakistan-based organizations so that the feeds can be fed into their Security Information and Event Management (SIEM) systems, Firewalls and Intrusion Detection / Prevention Systems to provide protection against Pakistan-specific attacks.


The July edition of the T-Eye Threat Intelligence Report can be downloaded by visiting: http://www.triam.com.pk/resources/threat-intelligence-services/july-2016

We hope you find the report helpful. Feel free to contact us with any query, question or suggestion.