Hackers broke into Pakistan’s largest data center, run by the Federal Board of Revenue (FBR), and broke Microsoft’s hyper-V software, knocking down all of the tax authority’s main websites. Hackers are using government job advertisement-related emails to obtain confidential information from the Federal Board of Revenue, according to the National Telecom and Information Technology Security Board (NTISB). Hackers are spreading a phishing email with the subject “Govt Jobs/Recruitment” that contains a malicious Word document as an attachment. A malware executes in the background when you download the attachment. The Confucius APT Group used a spear-phishing attack to collect information on a massive scale using a bio-data form. The FBR’s database is the world’s largest, containing information on trillions of rupee transactions, as well as details on citizens’ wealth, income, and expenditures. It also contains information on their different personal and corporate transactions, which are subject to various sorts of withholding taxes. PRAL urged FBR staff to closely adhere to the IT Security Policy authorized by the FBR. Employees were instructed not to open attachments in suspicious emails, particularly those containing Word, Excel, PowerPoint, or PDF files. Employees of the FBR were also ordered to double-check the senders’ email addresses. PRAL also cautioned FBR personnel about disclosing personal information to third parties and asked them not to do so.
