Operation Celestial Force: Cosmic Leopard’s Malware Menace Continues to Roar

Pakistan-linked threat actors have been running “Operation Celestial Force” since 2018, deploying the Android malware GravityRAT and Windows-based HeavyLift. According to Cisco Talos, the operation uses the GravityAdmin tool for coordination. Cosmic Leopard, the adversary behind the attacks, targets users in the Indian subcontinent with…

Hot Take:

Cosmic Leopard is proving that when it comes to malware, they’ve got their claws in everything. From Windows to Android, their malware suite is like the Swiss Army knife of cyber-espionage. It’s almost impressive — if it wasn’t terrifying.

Key Points:

  • Operation Celestial Force has been active since at least 2018, using GravityRAT and HeavyLift malware.
  • Cosmic Leopard (aka SpaceCobra) is the threat actor behind this operation, linked to Pakistan and targeting the Indian subcontinent.
  • GravityRAT initially targeted Windows but has since expanded to Android and macOS, and it spreads through spear-phishing.
  • HeavyLift, the latest addition, targets Windows systems and has similarities with GravityRAT.
  • GravityAdmin is used to orchestrate these attacks, managing multiple campaigns with various code names.
