Security News

China accused of cyberattacks on Indian power grid
2022-04-08 07:58

China has been accused of conducting a long-term cyber attack on India's power grid, and has been implicated in cyber attacks against targets in Ukraine. Cybersecurity firm Insikt Group found network intrusions at seven Indian State Load Dispatch Centers that conduct real-time operations for grid control and electricity dispatch, according to a report released Wednesday.

New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials
2022-03-29 20:15

A threat actor of likely Pakistani origin has been attributed to yet another campaign designed to backdoor targets of interest with a Windows-based remote access trojan named CrimsonRAT since at least June 2021. "Their primary targets have been government and military personnel in Afghanistan and India. This campaign furthers this targeting and their central goal of establishing long term access for espionage."

Hackers use modified MFA tool against Indian govt employees
2022-03-29 16:29

A new campaign from the hacking group tracked as APT36, aka 'Transparent Tribe' or' Mythic Leopard,' has been discovered using new custom malware and entry vectors in attacks against the Indian government. The particular threat actor has been active since at least 2016, based in Pakistan, and its targets have historically been almost exclusively Indian defense and government entities.

Hackers Planted Fake Digital Evidence on Devices of Indian Activists and Lawyers
2022-02-11 03:49

A previously unknown hacking group has been linked to targeted attacks against human rights activists, human rights defenders, academics, and lawyers across India in an attempt to plant "Incriminating digital evidence." Cybersecurity firm SentinelOne attributed the intrusions to a group it tracks as "ModifiedElephant," an elusive threat actor that's been operational since at least 2012, whose activity aligns sharply with Indian state interests.

New CapraRAT Android Malware Targets Indian Government and Military Personnel
2022-02-07 05:34

A politically motivated advanced persistent threat group has expanded its malware arsenal to include a new remote access trojan in its espionage attacks aimed at Indian military and diplomatic entities. Called CapraRAT by Trend Micro, the implant is an Android RAT that exhibits a high "Degree of crossover" with another Windows malware known as CrimsonRAT that's associated with Earth Karkaddan, a threat actor that's also tracked under the monikers APT36, Operation C-Major, PROJECTM, Mythic Leopard, and Transparent Tribe.

U.S. Authorities Charge 6 Indian Call Centers Scamming Thousands of Americans
2022-02-04 01:35

A number of India-based call centers and their directors have been indicted for their alleged role in placing tens of millions of scam calls aimed at defrauding thousands of American consumers. The indictment charged Manu Chawla, Sushil Sachdeva, Nitin Kumar Wadwani, Swarndeep Singh, Dinesh Manohar Sachdev, Gaje Singh Rathore, Sanket Modi, Rajiv Solanki and their respective call centers for conspiring with previously indicted VoIP provider E Sampark and its director, Guarav Gupta, to forward the calls to U.S. citizens.

Researchers Detail How Pakistani Hackers Targeting Indian and Afghan Governments
2021-12-03 05:54

A Pakistani threat actor successfully socially engineered a number of ministries in Afghanistan and a shared government computer in India to steal sensitive Google, Twitter, and Facebook credentials from its targets and stealthily obtain access to government portals. Malwarebytes' latest findings go into detail about the new tactics and tools adopted by the APT group known as SideCopy, which is so-called because of its attempts to mimic the infection chains associated with another group tracked as SideWinder and mislead attribution.

Indian bank smacks down allegation it exposed 180 million customers' accounts
2021-11-23 01:58

India's Punjab National Bank has smacked down a security firm's allegation that it exposed personal and financial data of its 180 million customers - but appears to have admitted its Exchange Server implementation wasn't in tip-top shape. In the same report, the Bank admitted that it uses Exchange, but the allegedly unpatched servers were only used to route mail to Office365 and contain no sensitive data.

Indian securities depository exposed 44 million investors' personal info – twice
2021-11-09 04:58

Indian infosec consultancy CyberX9 claims it twice found records of 43.9 million shareholders exposed by systems operated by Central Depository Services Limited - and that the depository company responded slowly to its alerts of significant vulnerabilities. CyberX9 has alleged that CDSL exposed data describing even more customers, with full names, tax department ID numbers, marital status, date of birth, nationality, residential address, email address, occupation details, and even the names of spouses and parents leaked.

Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo
2021-10-11 10:00

A prominent Togolese human rights defender has been targeted with spyware by a threat actor known for striking victims in South Asia, marking the hacking group's first foray into digital surveillance in Africa. Amnesty International tied the covert attack campaign to a collective tracked as "Donot Team", which has been linked to cyber offensives in India and Pakistan, while also identifying apparent evidence linking the group's infrastructure to an Indian company called Innefu Labs.