According to a Moneycontrol report, the Indian government has asked its officials to be alert to a Pakistani cyber threat group that can reportedly exploit vulnerabilities in the WinRAR software to infiltrate government networks using a Trojan. This indicates a worrying trend of foreign nation-state-affiliated cyber threat groups targeting Indian government institutions, particularly defense units, to access sensitive information.
This is not the first time that the Indian government has warned its employees to be cautious of foreign cyber threat groups. An earlier report by the same publication shows that at different times last year, the government had issued warnings to its officials regarding Pakistani and Chinese hacking groups.
This recent advisory, released on April 9, warns about a group called SideCopy. This group is using a vulnerability in the WinRAR software to infiltrate government networks and install Remote Access Trojans (RATs) such as AllaKore and Ares. These RATs are tricky: they can steal system details, record keystrokes, take screenshots and even move files around. They then send the stolen data to a command-and-control (C2) server.
SideCopy, which is believed to have originated from Pakistan and has been active since at least 2019, primarily targets groups in South Asian countries, particularly India’s defense sectors and Afghanistan. The group sends fake emails about defense content, tricking recipients into opening malicious attachments that infect their computers.