Security News
A new phishing campaign codenamed MULTI#STORM has set its sights on India and the U.S. by leveraging JavaScript files to deliver remote access trojans on compromised systems. The multi-stage attack chain commences when an email recipient clicks the embedded link pointing to a password-protected ZIP file hosted on Microsoft OneDrive with the password "12345."
India's tech minister Rajeev Chandrasekhar confirmed "A Telegram Bot was throwing up Co-WIN app details upon entry of phone numbers," but claimed the data came from a previous breach unrelated to Co-WIN. India's Ministry of Health and Family Welfare later denied any breach, writing "It is clarified that all such reports are without any basis and mischievous in nature." "Union Health Ministry has requested the Indian Computer Emergency Response Team to look into this issue and submit a report. In addition, an internal exercise has been initiated to review the existing security measures of Co-WIN," states a Ministerial announcement.
India is the largest market for WhatsApp, with over 450 million users - many of whom have in the last couple of weeks received plenty of spam calls from overseas. Might scammers have turned to WhatsApp after conventional carriers hardened up?
An advanced persistent threat group that has a track record of targeting India and Afghanistan has been linked to a new phishing campaign that delivers Action RAT. According to Cyble, which attributed the operation to SideCopy, the activity cluster is designed to target the Defence Research and Development Organization, the research and development wing of India's Ministry of Defence. Known for emulating the infection chains associated with SideWinder to deliver its own malware, SideCopy is a threat group of Pakistani origin that shares overlaps with Transparent Tribe.
India's rules requiring local organizations to report infosec incidents within six hours of detection have been observed by a mere 15 entities/. Analysts quickly pointed out that requiring organizations to report an incident just six hours after detecting it would likely lead to poor-quality reports being filed.
India's government has started to consult some proposed details of its long-awaited Digital India Act, including a declaration that the bill needed a dedicated adjudicatory tool for offenses committed online. According to the Ministry of Electronics & IT, minister of state Rajeev Chandrasekhar said the bill's guiding principles include "Managing the complexities of internet and rapid expansion of the types of intermediaries addressing the risks of emerging technologies, protecting citizen rights, managing and setting guardrails for the varied intermediaries on the internet."
Tensions between two of the biggest producers of connected devices are coming to a head, and will be changing the IoT landscape in 2023. In recent months, India and China have faced off over their disputed border in the Himalayas.
In remarks made to Indian outlet The Economic Times, minister of state for electronics and IT Rajeev Chandrasekhar said the government's plan was to "Crack down on enemies of India, state actors, those with vested interests, child sexual abuse, and religious incitement" - but not on general news or comment. Over the weekend, the minister also raised the topic of having Big Tech pay to link to news stories published by India's media.
The social media conglomerate also took steps to disable accounts and block infrastructure operated by spyware vendors, including in China, Russia, Israel, the U.S. and India, that targeted individuals in about 200 countries. A second set of 250 accounts on Facebook and Instagram linked to another Israeli company called QuaDream was found "Engaged in a similar testing activity between their own fake accounts, targeting Android and iOS devices in what we assess to be an attempt to test capabilities to exfiltrate various types of data including messages, images, video and audio files, and geolocation."
India's Telecom Regulatory Authority has announced a fresh crackdown on TXT spam - this time using artificial intelligence, after a previous blockchain-powered effort delivered mixed results. The TRAI's approach to managing spam - or Unsolicited Commercial Communication as it prefers to describe it - saw the regulator create a mandatory register of telemarketers and telecoms service providers, and require them to secure opt-ins from message recipients.