Chinese group behind cyberattacks on India identified
By MYBRANDBOOK
Security researchers have discovered a Chinese hacking group that has stolen confidential data by attacking government organisations in six countries, including India.
Government organisations in India, Brazil, Kazakhstan, Russia, Thailand and Turkey suffered damage as a result of the group’s attacks, said specialists from London-headquartered global security solutions provider Positive Technologies.
The Calypso APT (or Advanced Persistent Threat) group has been active since 2016, Engadget reported.
To get access to the victim’s internal network, the attackers hack the network perimeter and inject a special programme which gave them, the investigation by Positive Technologies found. The investigation revealed that the attackers moved along the network either by exploiting a remote code execution vulnerability (MS17-010) or by using stolen credentials.
“These attacks succeeded largely because most of the utilities the group uses to move inside the network are widely used by specialists everywhere for network administration,” Denis Kuvshinov, Lead Specialist in Threat Analysis at Positive Technologies, said in a statement.
“The group used publicly available utilities and exploit tools, such as SysInternals, Mimikatz, EternalBlue, and EternalRomance. Using these widely available tools, the attackers infected computers on the organisation’s LAN (local area network) and stole confidential data,” Kuvshinov said.
According to the experts at Positive Technologies, organisations can prevent such attacks by using specialised systems for deep traffic analysis. These systems help detect suspicious activity at the early stages of the attackers’ incursion into the LAN, and so prevent the hackers from getting a foothold in the company infrastructure.
In addition, monitoring of security incidents, along with perimeter and web application protection, can also help in detecting and preventing these attacks.
In one of the attacks the group used the PlugX malware, which is traditionally used by many Chinese APT groups. They also used the Byeby trojan, which was involved in the SongXY malware campaign in 2017.
Also, in some of the attacks the hackers accidentally disclosed their real IP addresses, which belonged to Chinese providers. The group has several successful hacks to its credit, but still makes mistakes allowing us to guess its origins, Positive Technologies said in a report.
“We keep monitoring the activities of Calypso closely and expect the group will attack again,” the report says.