Pak-based group launches cyber attack on govt officials: Report | HT Tech

Pak-based group launches cyber attack on govt officials: Report

The group attached a malicious Microsoft Word document to the emails, which pretended to be sent by an employee of a leading publication. They requested the recipient to open the attachment about the seventh Pay Commission.

By:PTI
| Updated on: Jun 04 2016, 13:26 IST
image caption
The group attached a malicious Microsoft Word document to the emails, which pretended to be sent by an employee of a leading publication. They requested the recipient to open the attachment about the seventh Pay Commission. (Thinkstock)
image caption
The group attached a malicious Microsoft Word document to the emails, which pretended to be sent by an employee of a leading publication. They requested the recipient to open the attachment about the seventh Pay Commission. (Thinkstock)

A Pakistan-based group is suspected to be behind cyber attacks on Indian government officials, luring them with emails referencing seventh Central Pay Commission, a software security firm has claimed.

"On May 18, 2016, the group registered a fake news website and sent spear phishing emails to Indian government officials. The emails referenced the Indian government's seventh Central Pay Commission, a topic of interest among officials," security firm FireEye said in a statement.

The emails sent to officials were sent from timesofindiaa.in, a fake news domain registered by the attackers, it added.

The group attached a malicious Microsoft Word document to the emails, which pretended to be sent by an employee of a leading publication. They requested the recipient to open the attachment about the seventh Pay Commission.

The attachment is designed to create a backdoor, which FireEye calls the Breach Remote Administration Tool (BreachRAT).

"FireEye has not previously observed this malicious tool used by these threat actors... Only one of the recipient email addresses was publicly listed on a website, suggesting that the actor harvested the other non-public addressees through other means," the statement said.

The suspected Pakistan-based threat group has been active for several years, conducting suspected intelligence collection operations against South Asian political and military targets, it added.

The group is the same that FireEye revealed in March to have conducted cyber attacks against Indian targets and Pakistani dissidents since 2013, it said.

Follow HT Tech for the latest tech news and reviews , also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 04 Jun, 13:25 IST
NEXT ARTICLE BEGINS