
Govt warns of threat actors using 'Mythic framework' to target Indian defence, research organisations

The Mythic framework provides a set of tools and a structure to create, deploy, and manage a Command and Control system for controlling a network of compromised computers.

January 02, 2024 / 12:31 IST
The Mythic C2 framework is a set of tools and software that enables someone to create and control a network of compromised computers.

A powerful tool designed to help cybersecurity professionals defend against potential threats is being used by cyber attackers to target Indian defence and research organisations, according to an advisory issued by the Controller General of Defence Accounts (CGDA).

Threat actors were using Mythic C2 Framework, a tool designed for cybersecurity professionals to identify vulnerabilities in networks, the advisory said.

C2 stands for "Command and Control." In cybersecurity, when a computer system is compromised (hacked), the attacker needs a way to communicate with the compromised system. This communication usually takes the form of commands that the attacker sends to control the hacked system.

Cybersecurity professionals use this framework to create and control a network of compromised computers.

In the context of cybersecurity, this is often associated with testing and enhancing the security of computer systems.

The CGDA is responsible for handling the audit, financial advice, payment, and accounting of all charges related to the Armed Forces. Moneycontrol has reviewed the advisory issued in December 2023.

"It has been observed that the Mythic framework is being used to target diplomatic, defence, research organisations in Indian government and Indian Armed Forces or related assets in India by unknown actors," the advisory by CGDA said.

The advisory states that threat actors are creating fake domains that mimic Indian military and defence operations. They are then using phishing emails to deliver malicious software embedded in PDF files.

When these PDFs are opened, the embedded malware checks for connectivity with the C2 server. If a connection is established, the C2 server facilitates the downloading of customised malicious files, which then download and deploy a malicious payload onto the victim's computer.

Moneycontrol has reached out to the Ministry of Defence with queries on the matter and the article will be updated when a response is received.


Aihik Sur covers tech policy, drones, space tech among other beats at Moneycontrol
first published: Jan 2, 2024 12:18 pm
