Threat Intelligence Feed

G1002 - BITTER

G1002 – BITTER is a suspected South Asian cyber espionage threat group that has been active since at least 2013. BITTER has primarily targeted Government, energy, and engineering organizations in Pakistan, China, Bangladesh, and Saudi Arabia.

Forcepoint Security Labs recently encountered a strain of attacks that appear to target Pakistani nationals. We named the attack “BITTER” based on the network communication header used by the latest variant of remote access tool (RAT) used.