Pakistani threat actor hacked government computer in India to steal sensitive credentials

Researchers say the lures used by SideCopy APT are usually archived files that have embedded one of these files: LNK, Microsoft Publisher, or Trojanized Applications

Govt computer attacked in India by Pakistani threat actor to steal sensitive credentials

The Hacker News reported that a Pakistani threat actor socially engineered a number of ministries in Afghanistan and a shared government computer in India to steal sensitive Google, Twitter, and Facebook credentials from its targets and stealthily obtain access to government portals.

The report said that the lure files embedded in those archives are tailored to government and military officials based in Afghanistan and India.

Malwarebytes’ latest findings go into detail about the new tactics and tools adopted by the APT group known as SideCopy, which is so-called because of its attempts to mimic the infection chains associated with another group tracked as SideWinder and mislead attribution.

In addition, the threat actor is said to have siphoned several Microsoft Office documents containing the names, numbers, and email addresses of officials, as well as databases holding information on identity cards, diplomatic visas, and asset registrations from Afghan government websites, all of which are expected to be used as future decoys or to fuel further attacks against the individuals themselves, the report added.

Malwarebytes researcher Hossein Jazi said, “The lures used by SideCopy APT are usually archived files that have embedded one of these files: LNK, Microsoft Publisher or Trojanized Applications.”
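The lure format described above (an archive carrying an LNK shortcut, a Publisher document or a trojanized application, often dressed up with a document-style name) can be triaged before anyone opens it. The following script is an added example, not code from the report or from Malwarebytes: it walks a ZIP archive, identifies members by their leading bytes rather than trusting the file name, and flags the two naming tricks a practitioner looks for, a double extension such as `Notice.pdf.lnk` and a mismatch between the name and the content. The magic-byte constants, extension lists and the sample archive are this example's own assumptions.

```python
import io
import zipfile

# Magic bytes checked on each archive member (this example's own choices, not from the report):
#   LNK: 4-byte HeaderSize 0x4C followed by the LinkCLSID 00021401-0000-0000-C000-000000000046
#   PE:  "MZ" DOS header, the start of any Windows executable
#   OLE: compound-file header used by Publisher .pub (and legacy Office) files
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")
PE_MAGIC = b"MZ"
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")

# Extension lists are assumptions for illustration; tune them to your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif"}
LURE_EXTS = {".lnk", ".pub"} | EXECUTABLE_EXTS
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}


def _exts(name):
    """Return (last extension, extension before it) of a member name, lower-cased."""
    base = name.rsplit("/", 1)[-1].lower()
    parts = base.split(".")
    last = "." + parts[-1] if len(parts) > 1 else ""
    prev = "." + parts[-2] if len(parts) > 2 else ""
    return last, prev


def classify_member(name, head):
    """Classify one archive member from its name and first bytes; None if nothing stands out."""
    last, prev = _exts(name)
    if head.startswith(LNK_MAGIC):
        kind = "lnk"
    elif head.startswith(PE_MAGIC):
        kind = "pe"
    elif last == ".pub" and head.startswith(OLE_MAGIC):
        kind = "publisher"
    elif last in LURE_EXTS:
        kind = "by-extension"  # named like a lure but content not recognised; still worth a look
    else:
        return None
    return {
        "name": name,
        "kind": kind,
        # "Notice.pdf.lnk" style: a decoy document extension placed in front of the real one
        "double_extension": prev in DECOY_EXTS,
        # content says LNK/PE but the name claims a harmless document type
        "extension_mismatch": kind in ("lnk", "pe") and last in DECOY_EXTS,
    }


def triage_archive(data):
    """Return findings for every suspicious member of a ZIP archive given as bytes."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as f:
                head = f.read(32)  # only the header is needed for the magic checks
            hit = classify_member(info.filename, head)
            if hit:
                findings.append(hit)
    return findings


def build_sample_archive():
    """Constructed in-memory archive imitating the lure layout; member contents are inert padding."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Circular_Notice.pdf.lnk", LNK_MAGIC + b"\x00" * 64)  # LNK with double extension
        zf.writestr("Invitation.pub", OLE_MAGIC + b"\x00" * 64)           # Publisher document
        zf.writestr("docs/Visa_List.xlsx.exe", PE_MAGIC + b"\x00" * 64)   # executable, double extension
        zf.writestr("Agenda.docx", PE_MAGIC + b"\x00" * 64)               # executable renamed as a document
        zf.writestr("readme.txt", b"benign text\n")                       # harmless member
    return buf.getvalue()


if __name__ == "__main__":
    for finding in triage_archive(build_sample_archive()):
        print(finding)
```

Checking the leading bytes is what catches the renamed executable (`Agenda.docx` in the sample); a check on the file name alone would pass it through. Nested archives and password-protected members are not handled here and would need to be extracted first.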

Recently, Meta took steps to block malicious activities carried out by the group on its platform, which used honey trapping to compromise individuals with ties to the Afghan government, military, and law enforcement in Kabul.

Some of the prominent attacks were waged against personnel associated with the Administration Office of the President (AOP) of Afghanistan as well as the Ministry of Foreign Affairs, Ministry of Finance, and the National Procurement Authority, resulting in the theft of social media passwords and password-protected documents. SideCopy also broke into a shared computer in India and harvested credentials from government and education services.

[With Inputs from IANS]