
Pakistan-based threat actors attacking IITs, Indian Army: Modus operandi, motive, and other details

A new wave of cyber attacks against the Indian Army and the education sector organised by a Pakistan-based group has come to light. According to a report by Seqrite, the enterprise arm of Pune-based Quick Heal Technologies, the threat group is called Transparent Tribe. It has been targeting Indian military entities and educational institutions in the country, such as IITs and NITs. The group is believed to have originated in 2013. 

What is the aim of these attacks? The threat group aims to deceive unsuspecting victims into divulging sensitive information through this sophisticated tactic.

According to the researchers, the group is using a malicious file titled “Revision of Officers posting policy” to lure the Indian Army into compromising their systems. The file is disguised as a legitimate document, but it contains embedded malware designed to exploit vulnerabilities.

The cybersecurity researchers also observed an alarming increase in the targeting of the education sector. According to them, Transparent Tribe has been targeting India’s prestigious educational institutions such as the Indian Institutes of Technology (IITs), National Institutes of Technology (NITs), and business schools since May 2022. These attacks intensified in the first quarter of 2023, reaching their peak in February, the team notes.

“The subdivision of the Transparent Tribe, known as SideCopy, has also been identified targeting an Indian defence Organisation. Their modus operandi involves testing a domain hosting malicious file, potentially to serve as a phishing page,” said the researchers.

The security team notes that the group, also dubbed APT36, has cleverly utilised malicious PPAM files masquerading as “Officers posting policy revised final”. For those unaware, a PPAM file is an add-in file used by Microsoft PowerPoint. “These files exploit macro-enabled PowerPoint add-ons (PPAM) to conceal archive files as OLE objects, effectively camouflaging the presence of malware,” said the report.

In its report, Seqrite recommends preventive measures such as exercising caution while downloading files and opening email attachments from unsolicited or untrusted sources.

“Regularly update security software, operating systems, and applications to protect against known vulnerabilities. It is also important to implement robust email filtering and web security solutions to detect and block malicious content,” the team advised.
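The report's description of PPAM add-ins that hide archives inside OLE objects, together with the advice on email filtering, points to a simple attachment triage check. The Python below is an added example, not code from Seqrite or the original article; it assumes the standard OOXML layout (`ppt/vbaProject.bin`, `ppt/embeddings/`), and the function name, size cap and sample bytes are constructed for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # OLE2 compound-file signature
ZIP_MAGIC = b"PK\x03\x04"                      # ZIP local file header
MAX_MEMBER = 20 * 1024 * 1024                  # assumed cap; skip oversized members

def triage_ppam(data: bytes) -> dict:
    """Flag a PPAM (an OOXML ZIP container) that carries macros plus an
    embedded OLE object wrapping an archive. Heuristic, not a verdict."""
    out = {"has_vba": False, "ole_embeddings": [], "nested_archives": []}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename.lower()
            if name.endswith("vbaproject.bin"):
                out["has_vba"] = True
            if not name.startswith("ppt/embeddings/") or info.file_size > MAX_MEMBER:
                continue
            blob = zf.read(info)
            if blob.startswith(OLE_MAGIC):
                out["ole_embeddings"].append(info.filename)
                if ZIP_MAGIC in blob:  # archive bytes inside the OLE object
                    out["nested_archives"].append(info.filename)
    out["suspicious"] = out["has_vba"] and bool(out["nested_archives"])
    return out

def _zip(members: dict) -> bytes:
    """Build an in-memory ZIP from {path: bytes} for the constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for path, content in members.items():
            zf.writestr(path, content)
    return buf.getvalue()

# Constructed samples: harmless placeholder bytes, not real malware or a valid OLE file.
INNER = _zip({"readme.txt": b"placeholder"})
LURE = _zip({
    "[Content_Types].xml": b"<Types/>",
    "ppt/vbaProject.bin": b"constructed-vba-placeholder",
    "ppt/embeddings/oleObject1.bin": OLE_MAGIC + b"\x00" * 504 + INNER,
})
CLEAN = _zip({"[Content_Types].xml": b"<Types/>", "ppt/presentation.xml": b"<p/>"})

if __name__ == "__main__":
    print(triage_ppam(LURE))
    print(triage_ppam(CLEAN))
```

A mail gateway or sandbox hook could call `triage_ppam` on `.ppam` attachments and quarantine those marked suspicious for analyst review.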


Updated: 26 Jun 2023, 11:46 AM IST
