Post

Pakistan Telecommunication Company (PTCL) Targeted by Bitter APT During Heightened Regional Conflict

Posted Updated
By ictsec.pl
1 min read

Executive Summary

On May 7, 2025, during the active military escalation between Pakistan and India—specifically in the context of India’s military campaign ‘Operation Sindoor’—, EclecticIQ analysts observed that Bitter APT (also known as TA397) very likely targeted the Pakistan Telecommunication Company Limited (PTCL) workers in a spear phishing campaign very likely to deliver malware. Analysts assess that, Bitter APT is very likely a South Asian state-sponsored actor, conducting cyber-enable espionage operations by stealing state and trade secrets.

EclecticIQ and Hudson Rock researchers assess that Bitter APT very likely used stolen email credentials from Pakistan’s Counter Terrorism Department (CTD) to carry out the attack. The spear phishing campaign targeted PTCL personnel in critical roles, including 5G infrastructure engineers, DevOps specialists, project managers, and satellite communication experts.

To read the complete article see:
Full Article

Learn more here:
Learn More

***Working at Team Cymru is more than a job — it’s a chance to be part of something meaningful.
Enjoy outstanding benefits, work with incredible people, and contribute to a mission that truly matters.
Explore open roles and join us:
Careers at Team Cymru

APT
PAKISTAN PTCL BITTER APT CYBERSECURITY MALWARE
This post is licensed under CC BY 4.0 by the author.