T-Eye Threat Intelligence Report for The Month of September 2016


Preventing cyberattacks has never been more difficult: the highly dynamic and growing threat landscape puts organizations of all sizes and industries at risk. The monthly TI reports inform organizations about the latest security threats and vulnerabilities. With the accurate, relevant and actionable information provided in this report, organizations can protect and defend their digital boundaries. The major sets of attacks recently discovered in Pakistan by global and TISS' research and IR teams are summarized as follows:


Ransomware:

Ransomware is constantly affecting Pakistan-based organizations, with the key motive of encrypting the data of targeted organizations and individuals and rendering it useless until a hefty ransom is paid for decryption. There has been an exponential increase in the number of ransomware attacks since 2015, and protection against this threat is highly recommended at all layers. In recent ransomware attacks, it has been noted that the malware also steals the victim's personal information.

Information Stealers:

Malware that steals credential-based information stored in email clients, browsers and FTP clients has been constantly on the rise. Most of this malware is sent to users via email attachments. Once the attachment is opened, the malware steals information related to stored credentials and sends it to the attacker.

This report has been compiled using our advanced threat intelligence gathering platform, consisting of sensors such as honeypots, web crawlers and aggregators deployed throughout Pakistan. The information obtained from these sensors is then enriched by extensive correlation with different sources and is further refined as per requirement. TISS will soon make these threat feeds available to Pakistan-based organizations so that they can be fed into their Security Information and Event Management (SIEM) systems, firewalls and Intrusion Detection / Prevention Systems to provide protection against Pakistan-specific attacks. If you require more details on these threats, or are facing one of these or a different malware, please reach out to us for a focused and quick response.