A powerful tool designed to help cybersecurity professionals against potential threats is being used by cyber attackers to target the Indian defence and research organisations, according to an advisory issued by the Controller General of Defence Accounts (CGDA).
Threat actors were using Mythic C2 Framework, a tool designed for cybersecurity professionals to identify vulnerabilities in networks, the advisory said.
C2 stands for "Command and Control." In cybersecurity, when a computer system is compromised (hacked), the attacker needs a way to communicate with the compromised system. This communication usually takes the form of commands that the attacker sends to control the hacked system.
Cybersecurity professionals use this framework to create and control a network of compromised computers.
In the context of cybersecurity, this is often associated with testing and enhancing the security of computer systems.
The CGDA is responsible for handling the audit, financial advice, payment, and accounting of all charges related to the Armed Forces. Moneycontrol has reviewed the advisory issued in December 2023.
"It has been observed that the Mythic framework is being used to target diplomatic, defence, research organisations in Indian government and Indian Armed Forces or related assets in India by unknown actors," the advisory by CGDA said.
The advisory states that threat actors are creating fake domains that mimic Indian military and defense operations. They are then using phishing emails to deliver malicious software embedded in PDF files.
When these PDFs are opened, the embedded malware checks for connectivity with the C2 server. If a connection is established, the C2 server facilitates the downloading of customised malicious files, which then downloads and deploys a malicious payload onto the victim's computer.
Moneycontrol has reached out to the Ministry of Defence with queries on the matter and the article will be updated when a response is received.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
