Beginning 7 March 2024, EclecticIQ analysts identified an uncategorized threat actor that utilized a modified version of the open-source information stealer HackBrowserData[1] to target Indian government entities and energy sector. The information stealer was delivered via a phishing email, masquerading as an invitation letter from the Indian Air Force. The attacker utilized Slack channels as exfiltration points to upload confidential internal documents, private email messages, and cached web b