Pak-based group launches cyber attack on govt officials: Report | HT Tech

Pak-based group launches cyber attack on govt officials: Report

The group attached a malicious Microsoft Word document to the emails, which pretended to be sent by an employee of a leading publication. They requested the recipient to open the attachment about the seventh Pay Commission.

By:PTI
| Updated on: Jun 04 2016, 13:26 IST
image caption
The group attached a malicious Microsoft Word document to the emails, which pretended to be sent by an employee of a leading publication. They requested the recipient to open the attachment about the seventh Pay Commission. (Thinkstock)

A Pakistan-based group is suspected to be behind cyber attacks on Indian government officials, luring them with emails referencing seventh Central Pay Commission, a software security firm has claimed.

"On May 18, 2016, the group registered a fake news website and sent spear phishing emails to Indian government officials. The emails referenced the Indian government's seventh Central Pay Commission, a topic of interest among officials," security firm FireEye said in a statement.

You may be interested in

MobilesTablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
34% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

The emails sent to officials were sent from timesofindiaa.in, a fake news domain registered by the attackers, it added.

Also read
Looking for a smartphone? To check mobile finder click here.

The group attached a malicious Microsoft Word document to the emails, which pretended to be sent by an employee of a leading publication. They requested the recipient to open the attachment about the seventh Pay Commission.

The attachment is designed to create a backdoor, which FireEye calls the Breach Remote Administration Tool (BreachRAT).

It allows the attacks to download and run new programmes, upload files from the victims' systems to the attackers' servers and a variety of other functions.

"FireEye has not previously observed this malicious tool used by these threat actors... Only one of the recipient email addresses was publicly listed on a website, suggesting that the actor harvested the other non-public addressees through other means," the statement said.

The suspected Pakistan-based threat group has been active for several years, conducting suspected intelligence collection operations against South Asian political and military targets, it added.

The group is the same that FireEye revealed in March to have conducted cyber attacks against Indian targets and Pakistani dissidents since 2013, it said.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 04 Jun, 13:25 IST
NEXT ARTICLE BEGINS