Security News

Cybersecurity researchers are warning of "Massive phishing campaigns" that distribute five different malware targeting banking users in India. "The bank customers targeted include account subscribers of seven banks, including some of the most well-known banks located in the country and potentially affecting millions of customers," Trend Micro said in a report published this week.

The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. The cybersecurity company said the advanced persistent threat group has also conducted low-volume credential harvesting attacks in which rogue websites masquerading as official Indian government websites were set up to lure unwitting users into entering their passwords.

Asia In Brief India's government has given itself the power to compel social networks to take down content. India's minister of state for electronics and information technology, Rajeev Chandrasekhar, said the GACs are needed because India's previous attempt at regulating social media - requiring the networks to appoint a grievance officer - has not delivered.

A new version of the Drinik Android trojan targets 18 Indian banks, masquerading as the country's official tax management app to steal victims' personal information and banking credentials. Drinik has been circulating in India since 2016, operating as an SMS stealer, but in September 2021, it added banking trojan features that target 27 financial institutes by directing victims to phishing pages.

Tata Power Company Limited, India's largest integrated power company, on Friday confirmed it was targeted by a cyberattack. The intrusion on IT infrastructure impacted "Some of its IT systems," the company said in a filing with the National Stock Exchange of India.

An SMS-based phishing campaign is targeting customers of Indian banks with information-stealing malware that masquerades as a rewards application. The Microsoft 365 Defender Research Team said that the messages contain links that redirect users to a sketchy website that triggers the download of the fake banking rewards app for ICICI Bank.

Chinese scammers have reportedly stolen a whopping $529 million dollars from Indian residents using instant lending apps, lures of part-time jobs, and bogus cryptocurrency trading schemes, according to the cyber crime unit in the state of Uttar Pradesh. "The instant loan apps, the part-time job offers and now the crypto trading fraud, all of them are being operated by the same hackers from China. The SMS aggregators are also involved in it," Uttar Pradesh Cyber Crime Superintendent of Police Triveni Singh said, according to Press Trust Of India.

A ruling handed down from the Delhi High Court this week declared that Telegram must hand over information such as IP addresses, mobile numbers, and devices used by channels on the platform involved in copyright infringement. On behalf of Telegram, the platform's senior counsel, Amit Sibal, said that the arrangement already in place directing Telegram to take down the infringing channels was "Sufficient to protect the interest of the plaintiffs."

India's military has celebrated the nation's Independence Day by announcing it will adopt locally developed quantum key distributiontechnology that can operate across distances of 150km. While the likes of Toshiba offer a commercial service, current implementations such as a network in London span just 32km. India's military announced it has trialled tech that operates over 150km, and now plans to buy it and put it to work.

The advanced persistent threat group known as Transparent Tribe has been attributed to a new ongoing phishing campaign targeting students at various educational institutions in India at least since December 2021. Also tracked under the monikers APT36, Operation C-Major, PROJECTM, Mythic Leopard, the Transparent Tribe actor is suspected to be of Pakistani origin and is known to strike government entities and think tanks in India and Afghanistan with custom malware such as CrimsonRAT, ObliqueRAT, and CapraRAT. But the targeting of educational institutions and students, first observed by India-based K7 Labs in May 2022, indicates a deviation from the adversary's typical focus.