Tag Archive for: indian

Mobile Banking Trojan Campaigns Target Indian Android Users


Cybercrime, Endpoint Security, Fraud Management & Cybercrime

Hackers Use Messaging Apps WhatsApp, Telegram to Bait Victims


Mobile banking Trojans spread through deceptive social media messages remain a problem for Indian smartphone users, warns Microsoft.


India accounts for 4 in 10 global transactions made with digital payments, according to the National Payments Corporation of India – a development facilitated by ubiquitous QR codes and a national digital identity program known as Aadhaar that covers nearly every Indian.

Microsoft said in a Monday blog post that mobile malware infections aren’t a new threat to Indian users, but they “pose a significant threat” of financial loss and data theft.

Fraudsters use WhatsApp and Telegram to distribute malicious apps masquerading as legitimate banks, government services and utilities software. Hackers are using a relatively new tactic of sharing malicious Android app files directly with mobile users over messaging platforms.

Ongoing campaigns led to the discovery of two fraudulent applications designed to deceive Indian banking customers.

Targeting Account Information

Threat actors used WhatsApp in a recent, widely circulated phishing campaign to deliver a fake banking app disguised as a “know your customer” app that tricks users into submitting…

Source…

Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years



An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade.

Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while carrying out covert hacking operations since at least 2009.

In May 2013, ESET disclosed a set of cyber attacks targeting Pakistan with information-stealing malware. While the activity was attributed to a cluster tracked as Hangover (aka Patchwork or Zinc Emerson), evidence shows that the infrastructure is owned and controlled by Appin.

“The group has conducted hacking operations against high value individuals, governmental organizations, and other businesses involved in specific legal disputes,” SentinelOne security researcher Tom Hegel said in a comprehensive analysis published last week.

“Appin’s hacking operations and overall organization appear at many times informal, clumsy, and technically crude; however, their operations proved highly successful for their customers, impacting world affairs with significant success.”


The findings are based on non-public data obtained by Reuters, which called out Appin for orchestrating data theft attacks on an industrial scale against political leaders, international executives, sports figures, and others. The company, in response, has dismissed its connection with the hack-for-hire business.

One of the core services offered by Appin was a tool named “MyCommando” (aka GoldenEye or Commando) that allowed its customers to log in to view and download campaign-specific data and status updates, communicate securely, and choose from various task options that range from open-source research to social engineering to a trojan campaign.

The targeting of China and Pakistan is confirmation that an Indian-origin mercenary group has been roped in to conduct state-sponsored attacks. Appin has also been identified as behind the macOS spyware known as KitM in 2013.

What’s more, SentinelOne said it also identified instances of domestic targeting with the goal of stealing login…

Source…

91% Indian firms faced ransomware attacks in 2022: Report


New Delhi: Information security company, CyberArk, on Sunday said that more than 91 percent of the Indian organisations experienced ransomware attacks in 2022 while 55 percent of the affected organisations reported paying up twice or more to allow recovery, signalling that they were likely victims of double extortion campaigns.

CyberArk, in its report, said that Indian organisations experienced growing cyber debt in 2022, where security spending over the pandemic period lagged investment in broader digital business initiatives.

In 2023, levels of cyber debt are expected to rise as a result of an economic downturn, increased staff turnover, a drop in consumer spending, and an uncertain global environment.

“New environments create new identities and, consequently, compromising identities will remain the most preferred method for attackers to evade cyber defences and gain access to critical data and assets,” said Rohan Vaidya, regional director, India & SAARC, CyberArk.

Moreover, the report showed that all (100 percent) organisations in India expect identity-related compromise this year, stemming from economic-driven cutbacks, geopolitical factors, cloud adoption and hybrid working.

About 84 percent said that this will happen as part of a digital transformation initiative such as cloud adoption or legacy app migration.

Nearly 61 percent of security professionals expect AI-enabled threats to affect their organisation in 2023, with AI-powered malware cited as the top concern.

Further, the report said that about 92 percent of organisations feel code/malware injection into their software supply chain is one of the biggest security threats their organisations face.

“Business transformation, driven by digital and cloud initiatives, continues to result in a surge in new enterprise identities. While attackers are constantly innovating, compromising identities remains the most effective way to circumvent cyber defences and access sensitive data and assets,” said Matt Cohen, chief executive officer, CyberArk.

Credential access remains the number one risk for respondents (cited by 45 percent), followed by defence evasion (34 percent),…

Source…

Counter CyberAttack: Indian Hackers Retaliate, Paralyze 10 Pakistani Embassy Sites in Worldwide DDoS Drama!



Updated May 18, 2023 | 12:49 PM IST

Global Cyber Showdown: Indian Hacktivists Strike Back, Neutralizing 10 Pakistani Embassy Websites!

KEY HIGHLIGHTS

  • Indian Hacktivist Retaliation Cripples 10 Pakistani Embassy Websites in a Global DDoS Attack!
  • Rise of the Cyber Guardians – Indian Hacking Groups Fight Back to Defend National Cyber Space!
  • Night of the Cyber Blitz – DDoS Attack Renders Government Websites Inaccessible, Disrupting Public Services!

Just as the clock struck midnight on May 18th, a high-voltage wave of cyber warfare shook the digital world. In a daring act of retaliation, Indian hacktivist group Kerala Cyber Xtractors claimed responsibility for successfully taking down a total of 10 Pakistani Embassy websites across the globe. The impacted nations included India, France, Germany, and Kazakhstan, leaving a significant imprint on the digital map.

The Silent Art of War – Understanding DDoS

For the uninitiated, a Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the normal functioning of a network, service, or website by overwhelming it with a flood of internet traffic. Imagine trying to get a sip of water from a fire hydrant. That’s how overwhelming a DDoS attack can be for a server. It is like being stuck in an ever-growing traffic jam, leading to a gridlock of services.

The Counterblow – A Call to Digital Arms

This massive online assault was not a standalone event but a counterattack. It was the Kerala Cyber Xtractors’ robust response to the recent DDoS attack launched by a Pakistani hacktivist group, Team Insane PK, that targeted 23 Indian State Police websites.

List of Attacked Websites:


Downed Websites: A Digital Catastrophe

While it might seem like an online…

Source…