APT36 Hackers Target Indian Defense Personnel with Sophisticated Phishing Campaign

APT36, also known as Transparent Tribe, a Pakistan-based cyber espionage group, has launched a highly sophisticated phishing campaign targeting Indian defense personnel.

According to recent findings by CYFIRMA, this group has meticulously crafted phishing emails that deliver malicious PDF attachments disguised as official government documents.

Cyber Espionage Group Transparent Tribe Strikes Again

These deceptive files are designed to infiltrate sensitive defense networks, focusing on credential harvesting and long-term access to critical infrastructure.

This campaign underscores the evolving threat landscape where nation-state actors like APT36 continuously refine their tactics, techniques, and procedures (TTPs) to conduct targeted espionage against strategic sectors.

The phishing campaign begins with emails embedding a malicious PDF file named “PO-003443125.pdf,” which, upon opening, displays a blurred background and a deceptive button mimicking the login interface of the National Informatics Centre (NIC).

This clever social engineering tactic lures victims into clicking the “Click ...