Indian Cyber Warfare Capability: Discussions and Infosec news

Cheran

Senior Member
Joined
Sep 8, 2019
Messages
8,762
Likes
76,710

The nuclear security architecture in India is shrouded in secrecy[35] and the effectiveness of the country’s cyber security infrastructure leaves much to be desired. It is important to advocate for a robust and well-articulated approach to mitigate the potential consequences of cyber-attacks.
A new cyber policy is expected by this year 2020.
 

Cheran


Not specifically related to India but highly relevant.

Pretty sure they might have had all platforms like NX, HX, EX, MX (along with others) & Mandiant services themselves, this is pretty sure to be a state actor.
 

sorcerer

Senior Member
Joined
Apr 13, 2013
Messages
26,920
Likes
98,472
Beware of this ‘spoofed’ online banking message, warns Government of India



It is to note that Cyber Dost is managed by the Ministry of Home Affairs, Government of India to inform people about cyber security and safety. Cyber Dost has shared an image of a message that says, “Dear XXX customer, you recently added a nominee to your account named XXXXX. You will be able to send funds to this nominee after 30 mins”. Timings are also mentioned in the message which some people may take as an authentic one. Further, the message will ask users to log in to their account online and follow the instructions if they have not made any beneficiary.

 

sorcerer

India can now create Aatmanirbhar secured internet

NEW DELHI : With over 50% share in next generation IP addresses, India now has the potential to create its own secured internet by setting up a root server locally for less than ₹10 crore, according to state-run ITI and industry platform IPv6 Forum.

 

porky_kicker

Senior Member
Joined
Apr 8, 2016
Messages
6,024
Likes
44,579
India can now create Aatmanirbhar secured internet

NEW DELHI : With over 50% share in next generation IP addresses, India now has the potential to create its own secured internet by setting up a root server locally for less than ₹10 crore, according to state-run ITI and industry platform IPv6 Forum.

Need of the hour and kick twitter out permanently
 

sorcerer

Malicious Chrome sync feature can help hackers steal your data - ET Telecom


New Delhi: A cyber security researcher has discovered a malicious Google Chrome extension in the wild abusing the Chrome Sync process that can help hackers steal user data.
Hackers can use the Google Chrome sync feature to send commands to infected browsers and steal data from infected systems, bypassing traditional firewalls and other network defenses.
Croatian security researcher Bojan Zdrnja found a malicious Chrome extension that can communicate with a remote command and control (C&C) server and as a way to exfiltrate data from infected browsers, reports ZDNet.
Chrome sync is a feature of the Chrome web browser that stores copies of a user's Chrome bookmarks, browsing history, passwords, and browser and extension settings on Google's cloud servers.
According to Zdrnja, the goal was to use the extension to "manipulate data in an internal web application that the victim had access to."
"While they also wanted to extend their access, they actually limited activities on this workstation to those related to web applications, which explains why they dropped only the malicious Chrome extension, and not any other binaries," Zdrnja said in the report.
The basis for this attack were malicious extensions that the attacker dropped on the compromised system.
"Now, malicious extensions are nothing new, there were a lot of analysis about such extensions and Google regularly removes dozens of them from Chrome Web Store, which is the place to go to in order to download extensions," the security researcher mentioned.

 

sorcerer

Iranian regime using Dutch server to spy on dissidents: Investigation

LONDON: Iran has been using a server in the Netherlands to spy on its political opponents, a Dutch radio station has revealed.


The server was identified by Rik Delhaas, a journalist with the “Argos” radio program broadcast on NPO Radio 1, and security company Bitdefender, following a tip-off from an Iranian man living in the Netherlands.


The server was tracked down to a location near the city of Haarlem thanks to a corrupted file received on the chat app Telegram by an Iranian dissident, Delhaas said.


“Fortunately, he did not open (the file) and his computer was not infected,” he said.


The file was brought to the attention of Bitdefender, which discovered it was hosted on a server being used to hack into computers and mobile phones in the Netherlands, Germany, Sweden and as far afield as India, the report on Argos revealed.


The server located near Haarlem, in the northern Netherlands, is a “command and control” server — used by those looking to control infected devices, often to steal data.

 

sorcerer

Ex-defence personnel hit by phishing attack

The devices of multiple former defence personnel may have been compromised in a phishing attack launched through a government domain email address, according to technical evidence accessed by HT and disclosures by some of the victims, the latest in a string of attacks that have exploited privileged @gov.in and @nic.in email addresses.


The new attack, which was through an email from an @gov.in address sent on Thursday afternoon, targeted a group of 43 former officers of the army, navy and air force who were part of the 56th course of the National Defence Academy. The sender lured some of them into clicking on a purported invitation for a dinner, which led to a set of malware.

“Some 15-20 people said in our WhatsApp group that they had clicked on the link and were honest about it,” said one of the 43 people, who asked not to be named. Two other persons who clicked on the links themselves told HT that they had, and found suspicious files being downloaded.

The people targeted on Thursday said they were not sure how their details may have leaked. One of the people HT spoke to said the 56th course alumni included some people who were also in senior positions in private companies. The three services chiefs, general MM Naravane, admiral Karambir Singh and air chief marshal Rakesh Kumar Singh Bhadauria too belong to the same NDA batch, although their email addresses were not among those targeted.

“This malware appears to be new and tailor-made for targets who are associated with the Indian military. None of the commercially available anti-malware products appears to flag it as yet,” Kadakia said, explaining that this was likely to be the first time this hacking tool was spotted in the wild.


 

Cheran


Red Rabbit Team in a message to PTI claimed that it has access to pan-India data of Bharti Airtel through a shell uploaded on the company's server and will leak more data soon.
"The website which was used to upload alleged Airtel data was hacked on December 4, 2020 by Mr Clay (TeamLeets - a Pakistani Hacker Group). This indicates that a Pakistani hacker group TeamLeets may be behind this data leak," Rajaharia said.
 

Cheran


Not specific to India but applicable as well.

Cyber sleuths have already blamed China for a hack that exposed tens of thousands of servers running its Exchange email program to potential hacks. The CEO of a prominent cybersecurity firm says it now seems clear China also unleashed an indiscriminate, automated second wave of hacking that opened the way for ransomware and other cyberattacks.
 

Cheran

MobiKwik has been hacked, lock, stock & barrel.


  • Total 350GB MySQL dumps – > 500 databases
  • 99 million — email ID, phone, passwords, addresses, apps installed, phone manufacturer, IP address, and GPS location
  • 40 million — 10 digit card, month, year, card hash
  • ~7.5 TB of ~3 million Merchant KYC data – passports, Aadhar cards, pan cards, selfie, store picture proof, and more used to get loans on the mobile phone-based payment system.

 

sorcerer

MeitY launches new initiatives to increase IPv6 adoption in India - ET Telecom

NEW DELHI: Ministry of Electronics and IT (MeitY) launched three new initiatives--IP Guru, NIXI Academy, and NIXI-IP-Index to help Indian entities migrate and adopt Internet Protocol version IPv6.

These initiatives were launched by Ajay Prakash Sawhney, Secretary, Ministry of Electronics and Information Technology on Friday.

The IP Guru group will hire an agency that will work with end customers to provide them with the necessary technical support to adopt IPv6. This expert group will additionally guide all such Indian entities and help in increasing IPv6 adoption.


 

sorcerer

Domino's India database likely hacked, 1 million credit card details leaked along with mail IDs, cell numbers
Popular pizza outlet Domino’s India seems to have fallen victim to a cyber attack. According to Alon Gal co-founder of an Israeli cybercrime intelligence, the hackers have access to Domino’s India 13TB of internal data which includes employee details of over 250 employees across verticals such as IT, Legal, Finance, Marketing, Operations, etc.

 

yourgodisweak

Regular Member
Joined
Apr 2, 2020
Messages
856
Likes
2,772
Domino's India database likely hacked, 1 million credit card details leaked along with mail IDs, cell numbers
Popular pizza outlet Domino’s India seems to have fallen victim to a cyber attack. According to Alon Gal co-founder of an Israeli cybercrime intelligence, the hackers have access to Domino’s India 13TB of internal data which includes employee details of over 250 employees across verticals such as IT, Legal, Finance, Marketing, Operations, etc.

Is there a law in place to fine companies who can't secure sensitive data?
 

sorcerer

Is there a law in place to fine companies who can't secure sensitive data?
Well! We are not sure if that's even workable, that's like with a law... cuz cyber security is an evolving domain.. it's messy.
Negligence can be fined.. losses incurred can be retrieved from the company.
Even consumer complaints on such can screw them big time for compensation and other losses.
 

SavageKing456

Senior Member
Joined
Apr 14, 2020
Messages
3,078
Likes
18,149
Domino's India database likely hacked, 1 million credit card details leaked along with mail IDs, cell numbers
Popular pizza outlet Domino’s India seems to have fallen victim to a cyber attack. According to Alon Gal co-founder of an Israeli cybercrime intelligence, the hackers have access to Domino’s India 13TB of internal data which includes employee details of over 250 employees across verticals such as IT, Legal, Finance, Marketing, Operations, etc.

This is not good if anyone finds .onion link to the data he/she can easily access personal information of any person and could be possibly used for committing crime on dark web itself or anywhere else
 

DownWithCCP

Senior Member
Joined
Jul 22, 2020
Messages
2,036
Likes
8,726
India most likely uses non-state actors and groups like SideWinder, DarkBasin for its operations (very much like China), for instance check this report by AT&T Alien Labs of how the group targeted Pakistani Military officials


You can't say for sure if they are sponsored by the government but the scope of their targets seems to align with what the government would concern itself with.
Much like the Equation Group in the NSA, SideWinder could be an offensive operations group of Indian Intelligence agencies but there is no evidence pointing towards that.
It doesn't seem like they are driven by some ideology because ideologically motivated entities often deface websites which doesn't seem to be the case here, this group and mind you several others like them are extremely professional in their conduct.

 

DerBronzeLord

Regular Member
Joined
Jan 21, 2021
Messages
761
Likes
3,109
India most likely uses non-state actors and groups like SideWinder, DarkBasin for its operations (very much like China), for instance check this report by AT&T Alien Labs of how the group targeted Pakistani Military officials

You can't say for sure if they are sponsored by the government but the scope of their targets seems to align with what the government would concern itself with.
Much like the Equation Group in the NSA, SideWinder could be an offensive operations group of Indian Intelligence agencies but there is no evidence pointing towards that.
It doesn't seem like they are driven by some ideology because ideologically motivated entities often deface websites which doesn't seem to be the case here, this group and mind you several others like them are extremely professional in their conduct.

Dark Basin isn't Indian intelligence. It belongs to a company in Noida, and Dark Basin is likely a HaaS used by Indian intelligence in rare cases. Dropping Elephant and Viceroy Tiger are state-run APTs, Dark Basin and (quite likely) SideWinder are independent operators hired at times by the GoI. Their targets are diverse, ranging from companies like Exxon and other climate change orgs which have nothing to do with India. India isn't powerful at all in the cyber-warfare world. Our talent pool is massive, and cyber doesn't require a lot of funding, however, there is a lack of political (read bureaucratic) will to ensure that we have a capability to conduct cyber warfare. Was excited by the establishment of the DCA, just been waiting for 4 years now.....
 
