Indian Cyber Warfare Capability: Discussions and Infosec news

DownWithCCP

Dark Basin isn't Indian intelligence. It belongs to a company in Noida, and Dark Basin is likely a HaaS used by Indian intelligence in rare cases. Dropping Elephant and Viceroy Tiger are state-run APTs; Dark Basin and (quite likely) SideWinder are independent operators hired at times by the GoI. Their targets are diverse, ranging from companies like Exxon and other climate change orgs which have nothing to do with India. India isn't powerful at all in the cyber-warfare world. Our talent pool is massive, and cyber doesn't require a lot of funding; however, there is a lack of political (read bureaucratic) will to ensure that we have a capability to conduct cyber warfare. Was excited by the establishment of the DCA, just been waiting for 4 years now...
The company might as well be a decoy (iirc the company was doing some penetration testing and security audits). The reason I said this was that I read some IR team's reports on an alleged Dark Basin attack, and it had some features characteristic of a SideWinder attack. It can very well be assumed that even though they do not work for the government, they can be hired like mercenaries to get the job done; Chinese MSS-related groups often do that.
 

DownWithCCP

The problem with our agencies is that the methods they use are quite crude. For instance, when SideWinder attacked Pakistani military officials, the malware they used was open source with modifications. Against countries like Pakistan it can get the job done, but if we are to become a power to be reckoned with, then we need a lot of 0-day exploits in our bag of tricks, just like the NSA has.
 

Cheran


As per a detailed report published by global threat intelligence SaaS provider Cyble, the alleged data breach happened on October 14, 2020. Cyble detected the breach on October 30 during its routine Dark Web Monitoring. The data was available for $40,000. Cyble validated the data, and on November 1, they informed BigBasket about the breach. The company urged them not to disclose the breach. Cyble advised them to let the customers know as they have the right to know about the breach.

20,000,000+ clients affected and information such as emails, names, hashed passwords, birthdates and phone numbers were leaked.
 

scatterStorm


As a DevOps engineer myself, it's already known that many SaaS-based firms' data has already been breached. In fact, when Aadhaar was first introduced, their API endpoints were not "rate limited", and all I had to do was code a Python bot that could request the API endpoint and get the JSON data. One of my friends working at Flipkart told me they were running some servers day and night to fetch the user data.

Whoever has the most recent data can push their product onto upcoming generations to come.

Unfortunately, most Indian users' Aadhaar data is already out. It could be you, me and even everybody on the forum.
 

DownWithCCP

Well, I read a lot of articles (on Medium) that said that when they reported these API-related vulnerabilities (the article I read mentioned some authentication service), initially it was denial but they were fixed later on. How true is that?
 
