Govt Warns Officials: Pakistan-Linked Hackers Targeting Government Data via WinRAR Exploit



The Indian government has issued a critical alert warning its officials of an ongoing cyberattack campaign targeting government entities. This campaign, attributed to a Pakistan-linked threat actor, exploits a vulnerability in the widely-used file compression software, WinRAR.

The Attack and its Consequences

The government advisory details how the group, known as SideCopy, leverages the WinRAR vulnerability to execute malicious code. This code stealthily installs Remote Access Trojans (RATs), such as AllaKore and Ares, onto the victim's system. These RATs provide attackers with extensive control over the infected device, enabling them to:
  • Steal sensitive system information
  • Capture screenshots and record keystrokes
  • Manage file uploads and downloads
  • Remotely execute commands and exfiltrate stolen data
"The payload present, which has the functionality to steal system information, keylogging, take screenshots, upload and download files and take the remote access of the victim machine to send commands and upload stolen data to the C2 (command and control server)," states the government advisory.

History and Motives

SideCopy has been active since at least 2019 and is suspected to be a Pakistani threat actor primarily focused on South Asian nations. They are notorious for targeting the Indian defense sector and entities in Afghanistan. Their modus operandi often involves phishing emails with lures related to defense news or affairs, encouraging victims to open malicious attachments that deploy the RATs.

This attack is the latest in an ongoing series of cyber threats faced by Indian government organizations, often perpetrated by foreign nation-state actors.

Recommendations and Precautions

The government's advisory urges officials to take immediate action:
  • Update WinRAR to the latest version to patch the exploited vulnerability.
  • Identify and isolate any potentially infected systems.
  • Conduct a thorough security audit of the organization's cybersecurity infrastructure.
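As an added example (not part of the advisory or this article), the following PowerShell script supports the first recommendation: it inventories WinRAR installations on a Windows host and flags any below a patched version. The article names no fixed version, so $MinimumPatchedVersion is a placeholder to be set from the vendor or CERT advisory being acted on.

```powershell
# Added example (not from the advisory or the article): audit installed WinRAR
# versions on a Windows host so unpatched installs can be flagged for update.
# $MinimumPatchedVersion is a PLACEHOLDER; replace it with the fixed version
# named in the advisory you are acting on.
[version]$MinimumPatchedVersion = '0.0'   # placeholder, set from the advisory

function Get-WinRarInstall {
    # Enumerate both the 64-bit and 32-bit uninstall hives and keep WinRAR entries.
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'WinRAR*' } |
        ForEach-Object {
            # DisplayVersion is normally "x.yz"; fall back to the binary's file version.
            $ver = $_.DisplayVersion
            if (-not $ver -and $_.InstallLocation) {
                $exe = Join-Path $_.InstallLocation 'WinRAR.exe'
                if (Test-Path $exe) { $ver = (Get-Item $exe).VersionInfo.ProductVersion }
            }
            [pscustomobject]@{
                ComputerName = $env:COMPUTERNAME
                DisplayName  = $_.DisplayName
                Version      = $ver
                InstallPath  = $_.InstallLocation
            }
        }
}

function Test-WinRarPatched {
    param([Parameter(ValueFromPipeline)]$Install)
    process {
        # An unparsable version is treated as needing review, not as safe.
        [version]$parsed = $null
        $ok = [version]::TryParse($Install.Version, [ref]$parsed)
        $needsUpdate = (-not $ok) -or ($parsed -lt $MinimumPatchedVersion)
        $Install | Add-Member -NotePropertyName NeedsUpdate -NotePropertyValue $needsUpdate -PassThru
    }
}

Get-WinRarInstall | Test-WinRarPatched | Format-Table -AutoSize
```

Run it under a fleet-management tool or Invoke-Command to collect results from many hosts; the ComputerName column makes the output safe to aggregate.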

The Need for Vigilance

This incident highlights the critical importance of maintaining robust cybersecurity measures within government institutions. It also emphasizes the need for individuals to remain vigilant against phishing attempts and to exercise caution when handling compressed files from unknown or untrusted sources.
 
India needs to enhance its cyber protection and warfare very quickly and properly. India needs a dedicated cyber command that regularly conducts operations against Pakistan and China to hack, disrupt, slow down, send viruses or malware or anything against their government IT systems, military, banking networks, power infrastructure or any other utility companies. We should do the same against China and their businesses.