July 9, 2021
2 mins read

Pak-based hackers targeting critical infrastructure PSUs in India

In October 2020, reports surfaced that Pak-based Advanced Persistent Threat (APT) groups targeted Indian defence units…reports Asian Lite News

Pakistan-based hacker groups have expanded their cyber-attack network in India and are now targeting high-profile targets from critical infrastructure PSUs from telecom, power and finance sectors in the country, a new report warned on Friday.

In October 2020, reports surfaced that Pak-based Advanced Persistent Threat (APT) groups targeted Indian defence units.

The new findings from cyber security firm Seqrite have revealed that active since 2019, the APT ‘Operation SideCopy’ appears to be a cyber espionage campaign by Pakistan-backed ‘Transparent Tribe’ group that is now targeting critical infrastructure PSUs in India.

“Further investigation of the IP, using data from whatismyipaddress.com, revealed that the provider of that IP address is Pakistan Telecommunication Company Limited. This revelation further strengthens the claim that Operation SideCopy which is operated by the Transparent Tribe group is originating in Pakistan,” the researchers informed.

This is likely only a subset of targets since there are several other command-and-control (C2) servers being used in ‘Operation SideCopy APT’, which are probably targeting other entities, they added.

Seqrite researchers have proactively alerted the government authorities and are working with them to keep potential targets safe.

Researchers suspect this attack to be a cyber-espionage campaign aimed at collecting sensitive information to gain a competitive advantage against India.

ALSO READ: UN session: Pakistan ramps up propaganda on J&K

“The evidence gathered by Seqrite suggests a highly organised operation designed to evade most security mechanisms. As part of the campaign, attackers are sending out phishing emails with government-themed documents in an attempt to lure targets into opening the attachments,” the company emphasised.

According to Seqrite, threat actors were leveraging compromised websites, which resemble the websites that the targeted organisations would generally access.

Further analysis of data accessible from some C2 servers led researchers at Seqrite to an IP address that was commonly found across different C2 servers.

“In fact, this IP address turned out to be the first entry in many logs, which indicated that the corresponding system is likely being used for testing the attack before launch,” the team noted.

According to researchers, the malicious actors have enhanced the attack tools and methods, as compared to last year, to make detection difficult.

“This attack group is well funded and is actively improving its attack mechanisms to infiltrate the target entities. The group can potentially steal critical intel from the government agencies and their subsequent bodies,” the report mentioned.

They can even use that information to make more lures and target other government departments, warned researchers from Seqrite, the cybersecurity security products and solutions brand of Quick Heal Technologies Limited.

ALSO READ: Pakistan looks for alternate pipeline instead of PSGP

Previous Story

China must avoid overreacting to Modi’s birthday greetings to Dalai Lama

Next Story

Actively pursuing vaccine imports, says MEA

Latest from -Top News

Pakistan in the Dark: Power Crisis Boils Over

Regular power outages are a fact of life in Pakistan, but recent developments suggest that the situation is escalating to new extremes….writes Nasir Khattak In early January 2025, a nerve-breaking power outage

IBPC Dubai charts new growth path

Former Tata Motors CEO Ravi Kant headlines exclusive event as Indian business council sets course for transformation….reports Asian Lite News The Indian Business & Professional Council (IBPC) Dubai has signalled a significant

Miles in the Malls!

Dubai Mallathon kicks off today – The emirate’s biggest malls transform into indoor fitness arenas, inviting residents to walk, run, and win — all while staying cool, healthy, and community-connected….reports Asian Lite

Famine grips Gaza, WHO warns

WHO said Gaza’s population is facing acute food insecurity under the Integrated Food Security Phase Classification…reports Asian Lite News The World Health Organisation (WHO) has issued its starkest warning yet about the

Lifeline from UAE to Gaza

UAE’s Operation Chivalrous Knight 3 sustains Gaza’s collapsing health system with hospitals, treatment, aid, and vaccines, offering vital relief to thousands amid deepening crisis….reports Asian Lite News The United Arab Emirates has
Go toTop

Don't Miss

Ola Krutrim Opens Cloud Platform for Developers and Enterprises

Homegrown artificial intelligence (AI) company Ola Krutrim on Saturday announced

Congress objects to choice of pro tem Speaker

Congress leader K C Venugopal accused the BJP-led government of