Tag Archive for: indian

Malware Alert! Hackers Attacking Indian Android users


A new malware campaign has been identified targeting Android users in India.

This sophisticated attack distributes malicious APK packages to compromise personal and financial information. The malware, available as a Malware-as-a-Service (MaaS) offering, underscores the evolving threat landscape in the digital age.

Symantec, a global leader in cybersecurity, has stepped up to protect users from this emerging threat.

The Rise of Malicious APKs

The campaign has been meticulously designed to spread malware through APK packages disguised as legitimate applications.

These applications, which appear to offer services such as customer support, online bookings, billing, or courier services, are vehicles for a range of malicious activities.

Once installed, the malware targets the theft of banking information, SMS messages, and other confidential data from victims’ devices.

This strategy of disguising malicious software as harmless applications is not new but remains highly effective.

The attackers exploit the trust users place in app downloads, particularly those offering valuable services.

Broadcom has recently released a report on a Malware-as-a-Service (MaaS) campaign specifically targeting Android users in India.

The attack represents a threat to the security of Android devices in the region and can potentially cause significant damage to individuals and organizations.

Symantec has identified the malware through its robust security systems, classifying it under two main categories:

Mobile-based Threats:

  • Android.Reputation.2
  • AppRisk: Generisk

Web-based Threats:

The campaign’s infrastructure, including observed domains and IPs, falls under security categories protected by…

Source…

Chinese Hackers Stole Over 95 GB Of Indian Immigration Data


Chinese hackers have conducted extensive cyber intrusions against foreign governments and companies, including India. The Washington Post reported that Chinese intelligence and cyber-surveillance accessed 95.2 GB (gigabytes) of Indian immigration data. 

Other targeted countries include Malaysia, Taiwan, South Korea, Hong Kong, Thailand, the United Kingdom, Nepal, Mongolia and Kazakhstan, among others.

According to the report, Chinese hackers are targeting software vulnerabilities in companies like Apple, Google and Microsoft. 

Leaked documents, posted a week ago on GitHub, reveal successful breaches of 80 overseas targets, including the acquisition of immigration data from India and call logs from South Korea’s LG U Plus telecom provider.

These documents belonged to a Chinese company called ISoon, headquartered in Shanghai. It is known to sell third-party hacking and data gathering services to state-owned companies and Chinese government bureaus.

The leaked cache contains more than 570 files, images, and chat logs of users. These hacks were initiated by ISoon, a Shanghai-based company offering hacking and data collection services to Chinese government agencies and state-owned businesses.

Chinese state agents are using these hacking tools to identify users of social media platforms like X (erstwhile Twitter), access emails, and conceal the online activities of overseas agents. Additionally, the documents describe disguised devices, such as power strips and batteries, that are also used to compromise Wi-Fi networks.

Concerns about Chinese hacking campaigns have been raised by US intelligence officials, who view it as a significant long-term threat to national security. Similarly, the Indian government has taken measures to block Chinese mobile applications due to concerns about potential monitoring by Beijing.

This is just a part of the rampant cyberattacks that the country has been witnessing in recent times. India witnessed 13.91 lakh cyber security incidents in 2022, Minister of State for Electronics and Information Technology Rajeev Chandrasekhar informed the Parliament.

Those numbers still do not give an entire picture of cyberattacks on the country as these statistics…

Source…

Indian Govt Reveals ‘High-Risk’ Vulnerabilities Affecting Android Users: Check Details


If you are using an Android device, it’s crucial to be aware that the Indian government’s Computer Emergency Response Team has issued a warning regarding ‘high’ security risk vulnerabilities in Android. The team emphasises that these exploits have the potential to allow attackers to gain sensitive information and execute arbitrary code on your phone.

Which Android Versions Are Affected?

These vulnerabilities are found in Android versions 11, 12, 13, and 14. This implies that even if you have the latest Android version, you are not exempt from these risks.

CERT-In highlights that multiple vulnerabilities exist within the Framework, System, Arm components, MediaTek components, Unisoc components, Qualcomm components, and Qualcomm closed-source components.

How To Protect Yourself?

To safeguard your device, you will need to have Android “Security patch levels of 2024-02-05 or later to address all of these issues.” So, when the OEM of your device releases the said update, simply download the latest available update.

Considering the ‘high’ severity rating, it’s advisable to focus on additional security-enhancing features. Enable two-factor authentication, use a robust passcode, and maintain good digital hygiene practices.

These Are The Vulnerabilities Affecting the Aforementioned Android versions

CVE-2023-32841, CVE-2023-32842, CVE-2023-32843, CVE-2023-33046, CVE-2023-33049, CVE-2023-33057, CVE-2023-33058, CVE-2023-33060, CVE-2023-33072, CVE-2023-33076, CVE-2023-40093, CVE-2023-40122, CVE-2023-43513, CVE-2023-43516, CVE-2023-43518, CVE-2023-43519, CVE-2023-43520, CVE-2023-43522, CVE-2023-43523,CVE-2023-43533, CVE-2023-43534, CVE-2023-43536, CVE-2023-49667, CVE-2023-49668, CVE-2023-5091, CVE-2023-5249, CVE-2023-5643, CVE-2024-0014, CVE-2024-0029, CVE-2024-0030, CVE-2024-0031, CVE-2024-0032, CVE-2024-0033, CVE-2024-0034, CVE-2024-0035, CVE-2024-0036, CVE-2024-0037, CVE-2024-0038, CVE-2024-0040, CVE-2024-0041, CVE-2024-20003, CVE-2024-20006, CVE-2024-20007, CVE-2024-20009, CVE-2024-20010, CVE-2024-20011.

Source…

Cyberattack On Indian Government Claimed By StarsX Team


The StarsX Team hacker group has claimed responsibility for an alleged cyberattack on Indian government websites. The group made its announcement on a dark web forum, providing links to substantiate their claims.

The attached links contained a list of alleged victims and references to check-host.net to support their assertions. Notably, the threat actor appears to be affiliated with Indonesia, as indicated by the Indonesian flag attached to the threat actor’s name.

The claimed cyberattack specifically targeted five government websites: the Department of Justice, High Court of Punjab and Haryana, UP Police, Intellectual Property India, and the Employees’ State Insurance Corporation.

Despite these claims, a closer inspection reveals that all the mentioned websites are currently functioning normally, showing no signs of the Distributed Denial of Service (DDoS) attack alleged by the threat actor.

Claims of Cyberattack on Indian Government Websites

Cyberattack on Indian Government Websites
Source: Twitter

A DDoS attack is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of internet traffic.

It involves the use of multiple compromised computers or devices to generate traffic, making it challenging for the targeted system to handle legitimate requests.

The Cyber Express reached out to some of the affected organizations to verify the alleged cyberattack on Indian government websites. As of now, no official statements or responses have been received, leaving the claims unverified.

It’s worth noting that the StarsX Team hacker group has a history of targeting multiple countries. In a post from October, the group declared its intentions, stating that they are fighting to defend Palestine’s right to independence.

The group condemned Israel, India, France, and America for alleged oppression of the Palestinian people and human rights violations. StarsX Team specifically identified these countries as their main targets.

More Cyberattack Claims by StarsX Team Hacker Group

Amidst the Israel-Hamas conflict, hacktivist collectives such as IRoX Team and StarsX Team have aligned themselves with opposing sides, conducting cyberattacks…

Source…