The Indian government has warned its officials of how a Pakistan-linked cyber threat actor is leveraging a security vulnerability in WinRAR to deliver trojans such as AllaKore, Ares etc on government entities. WinRAR is used for accessing zip files.
This is the latest in string of attacks that government organisations in India have been facing from foreign nation-state linked cyber threat actors. These threat actors typically target institutions such as defence bodies and so on to steal sensitive information.
Moneycontrol had previously reported how the government had warned officials of Pakistan and China-linked threat actors targeting officials.
The recent advisory, a copy of which Moneycontrol has reviewed, was issued by the government on April 9. It said that SideCopy, a Pakistan-linked cyber threat actor, was leveraging the vulnerability in WinRAR to execute a code that quietly deploys remote access trojans (RAT) such as AllaKore or Ares.
"The payload present, which has the functionality to steal system information, keylogging take screenshots, upload and download files and take the remote access of the victim machine to send commands and upload stolen data to the C2 (command and control server)," the advisory said.
SideCopy is a cyber threat actor group that has been active since at least 2019. They are believed to be Pakistani and primarily target countries in South Asia, particularly India's defense sector and Afghanistan.
Their modus operandi include sending phishing emails with lures related to defense news or affairs. These emails contain malicious attachments that deploy RATs to gain control of the victim's machine.
In the advisory, the government advised officials to update WinRAR to the latest version and to identify infected systems and isolate those systems from the network. Additionally, it recommended institutions to take up security audit of the cyber security infrastructure of the organisation.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
