Pakistani government site used as a tracking platform for passport applications has been compromised to deliver a ScanBox framework payload. The framework is a self-contained JavaScript-based keylogger designed to record users’ keystrokes while they’re browsing a website. The attackers don’t have to drop any malware on their victims’ computers, the only requirement is the JavaScript code to be executed by the visitor’s browser. The compromised website could potentially be used as part of a watering hole attack targeted at a specific group of targets.
Source: https://www.bleepingcomputer.com/news/security/pakistani-government-site-compromised-logs-visitor-keystrokes/