The international phishing expedition looking to hook India’s big fish
An email is received by many serving and retired officers from an official email address of a senior serving officer inviting all for a lunch…..
The Indian army soldiers were targeted through phishing attack. When the officers clicked on the link in their mail it downloaded an app containing an assortment of circulars and news related to the Indian army. That, however, was just an eyewash. Its true purpose was to unleash malware, which would course through the victim’s computer or phone, stealing everything from WhatsApp chats to SMSes and media files. This malware, if left unchecked, could stay on a target’s system indefinitely, constantly pilfering sensitive data. The data was being transmitted to a command-and-control centre in the Netherlands—the source of the phishing attack. The hackers made use of the country’s many ‘bulletproof hosting’ services, which essentially allow hackers to securely host malicious content which can be used to carry out cyber-attacks. These servers, which were paid for in Bitcoin, were accessed from Karachi, Pakistan.
Vulnerability that needs to be plugged (WeSeSo’s Opinion):
By - Cdr KK Chaudhary (Retd)
0 0 11