
Pakistani Cyber Criminals Targeting Indian Military Personnel In Data Theft Campaign


A group of Pakistani cyber attackers targeted Indian military personnel in a data-theft campaign that combined social engineering with malware.

Trend Micro researchers who observed the attacks documented the operation, which is known as "C-Major".

The researchers found that the attackers sought to steal information from at least 160 military officers, consultants, attachés and Indian resellers, including personal photographs, confidential documents, financial records, strategy documents, passports and photo IDs.

The security firm said the attacks began with phishing emails sent individually to each targeted user. The emails carried a malicious PDF attachment and were made to look as though they came from high authorities such as India's Ministry of Defence.
Opening the file exploits a vulnerability in Adobe Reader and installs a Trojan on the victim's system. The malware can log keystrokes and steal passwords, audio recordings, files and captured screenshots.

The researchers judged the attackers to be not particularly sophisticated, because the malware was compiled to MSIL (Microsoft Intermediate Language), the intermediate bytecode that .NET code built in Visual Studio is compiled to, which makes the Trojan trivial to decompile.

According to Trend Micro,
The malware was compiled into an MSIL binary using Visual Studio. This means that the original source code was probably in VB# (Visual Basic .NET) or C# (the .NET version of C++). This also means that the developers weren’t aware that these programs can be decompiled in a trivial manner: the attackers provided the source code for free. No truly sophisticated attacker would have created and compiled their malware in this manner.

The malware's source code also contains the addresses of its C&C (command and control) servers, and Trend Micro found that those servers held many directories storing up to 16 GB of stolen information.
One C&C address hard-coded in the malware resolves to a server located in Pakistan, and the threat exists in versions for both Windows and mobile.
Although the server is in Pakistan, Trend Micro notes that this alone is not solid evidence that the group itself operates from Pakistan.
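Two of the properties the researchers relied on, that the Trojan is an MSIL binary (and so decompiles trivially) and that its C&C addresses are hard-coded as embedded strings, can both be checked during triage before any decompiler is opened. The following is an added example written for this article; it is not Trend Micro's code nor anything from the C-Major malware. It checks whether a PE file carries a CLR runtime header (data directory index 14, which is what marks a .NET image) and pulls URL-shaped strings out of both ASCII and UTF-16LE string runs, since .NET string literals are stored UTF-16LE and a plain ASCII `strings` pass misses them. The PE bytes and the `c2.example.invalid` URL are constructed placeholders, not indicators from the report.

```python
"""Triage helpers: is this PE an MSIL (.NET) binary, and which URLs are embedded
in it? Added example; the PE bytes built below are constructed, not a real sample."""
import re
import struct

# Index of the CLR runtime header in the optional header's data directory table.
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR = 14
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def clr_header_entry(data: bytes):
    """Return (rva, size) of the CLR runtime header, or None for a native PE.
    Raises ValueError if the bytes are not a well-formed PE header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    size_of_optional = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    opt = e_lfanew + 24                      # start of the optional header
    if opt + size_of_optional > len(data):
        raise ValueError("truncated optional header")
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        count_off, dirs_off = 92, 96         # NumberOfRvaAndSizes, first directory
    elif magic == PE32PLUS_MAGIC:
        count_off, dirs_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    n_dirs = struct.unpack_from("<I", data, opt + count_off)[0]
    if n_dirs <= IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR:
        return None                          # table too short to hold a CLR entry
    entry = opt + dirs_off + IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR * 8
    if entry + 8 > opt + size_of_optional:
        raise ValueError("data directory table exceeds optional header")
    rva, size = struct.unpack_from("<II", data, entry)
    return (rva, size) if rva and size else None


def is_managed(data: bytes) -> bool:
    """True when the PE has a CLR header, i.e. it is an MSIL/.NET image."""
    return clr_header_entry(data) is not None


_ASCII_RUN = re.compile(rb"[\x20-\x7e]{4,}")
_UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")
_URL = re.compile(r"https?://[^\s\"'<>]+")


def find_embedded_urls(data: bytes):
    """Sorted unique URLs found in ASCII and UTF-16LE string runs. .NET keeps
    literals in the #US heap as UTF-16LE, so both encodings must be scanned."""
    found = set()
    for m in _ASCII_RUN.finditer(data):
        found.update(_URL.findall(m.group().decode("ascii")))
    for m in _UTF16_RUN.finditer(data):
        found.update(_URL.findall(m.group().decode("utf-16-le")))
    return sorted(found)


def build_sample_pe32(managed: bool, literal: str = "") -> bytes:
    """Constructed minimal PE32 header (not a loadable executable) followed by
    one UTF-16LE literal, used only to exercise the checks above."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * 58 + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    # COFF header: i386, one section, 224-byte PE32 optional header, EXE flags.
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    dirs = [(0, 0)] * 16
    if managed:
        dirs[IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR] = (0x2008, 72)  # placeholder
    optional = struct.pack("<H", PE32_MAGIC) + b"\0" * 90        # fields we ignore
    optional += struct.pack("<I", 16)                            # NumberOfRvaAndSizes
    optional += b"".join(struct.pack("<II", rva, size) for rva, size in dirs)
    return dos + coff + optional + literal.encode("utf-16-le")


if __name__ == "__main__":
    sample = build_sample_pe32(True, "http://c2.example.invalid/upload.php")
    print("managed:", is_managed(sample), "urls:", find_embedded_urls(sample))
```

A managed result is the cue to hand the sample to a .NET decompiler rather than a native disassembler; the URL list gives the network indicators to block and to hunt for in proxy and DNS logs.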

The lead researchers nevertheless believe the attackers are based in Pakistan, because samples of the malware were uploaded to VirusTotal many times from user IDs belonging to Pakistani users. They also noted that even unsophisticated attackers succeed easily in operations like this one.

Trend Micro's report detailing Operation C-Major concludes: “For those in charge of defending a corporate or organization network, this attack reinforces the fact that any user, regardless of rank or position, is susceptible to becoming the organization’s weakest security link. As such, while network defenders should be prepared to help prevent, or minimize the damage of attacks, people who use the said network should likewise be knowledgeable of threats that could possibly come. The need for proper user awareness training is clear.”

Last week Google removed a Pakistani app used to spy on the Indian Army. The Indian military services (Army, Navy and Air Force) along with the Central Industrial Security Force (CISF) and the Border Security Force (BSF) were targeted. According to the report, fake Facebook profiles were used to lure officers into honey traps, with more than 10 such fake profiles in use.
