• Legacy
  • Academy
  • Business
  • PayTech
  • Ignite
  • Cellcos
  • Wired
  • CovidTech
  • Library
  • Touch Base
Subscribe
CW Pakistan

Computerworld Pakistan

CW Pakistan
  • Legacy
  • Academy
  • Business
  • PayTech
  • Ignite
  • Cellcos
  • Wired
  • CovidTech
  • Library
  • Touch Base
  • Business

Pakistan and India Hit By Malware Attack

  • August 29, 2017
  • Content Desk
Total
0
Shares
0
0
0

Symantec Corp, a Cyber security firm Symantec corp says it has identified a sustained cyber spying campaign which is likely to be considered state sponsored, against Pakistani and Indian entities involved in regional security issues.

In Symantec’s threat intelligence report, the company said that the online espionage effort dated back to October 2016 and the campaign appeared to be the work of several groups, whereas the tactics and techniques used suggest that the groups were operating with “similar goals or under the same sponsor”, probably a nation state, according to the threat report, which was reviewed by Reuters. The detailed report on the cyber spying comes at a time of heightened tensions in the region. It did not name a state.

Symantec did not identify the likely sponsor of the attack. But it said that governments and militaries with operations in South Asia and interests in regional security issues would likely be at risk from the malware. The malware utilises the so-called “Ehdoor” backdoor to access files on computers.

Read: Indian Hackers Defame Several Government Websites On Independence Day

A security expert shared:

“There was a similar campaign that targeted Qatar using programs called Spynote and Revokery. They were backdoors just like Ehdoor, which is a targeted effort for South Asia.”

CLICKBAIT

To install the malware, Symantec found, the attackers used decoy documents related to security issues in South Asia. The documents included reports from Reuters, Zee News, and the Hindu, and were related to military issues, Kashmir, and an Indian secessionist movement.

The malware allows spies to upload and download files, carry out processes, log keystrokes, identify the target’s location, steal personal data, and take screenshots, Symantec said, adding that the malware was also being used to target Android devices.

In response to frequent cyber-security incidents, India in February established a center to help companies and individuals detect and remove malware. The center is operated by the Indian Computer Emergency Response Team (CERT-In).

Read: NTC and Supernet Sign Agreement for ICT Services

Gulshan Rai, the director general of CERT-In, declined to comment specifically on the attack cited in the Symantec report, but added: “We took prompt action when we discovered a backdoor last October after a group in Singapore alerted us.” He did not elaborate.

Symantec’s report said an investigation into the backdoor showed that it was constantly being modified to provide “additional capabilities” for spying operations.

A senior official with Pakistan’s Federal Investigation Agency said it had not received any reports of malware incidents from government information technology departments. He asked not to be named due to the sensitivity of the matter.

Read: Punjab Police Launches App to Monitor Legal Affairs of Police

A spokesman for FireEye, another cybersecurity company, said that based on an initial review of the malware, it had concluded that an internet protocol address in Pakistan had submitted the malware to a testing service. The spokesman requested anonymity, citing company policy.

Another FireEye official said the attack reported by Symantec was not surprising. Tim Wellsmore, FireEye’s director of threat intelligence for the Asia Pacific region said:

“South Asia is a hotbed of geopolitical tensions, and wherever we find heightened tensions we expect to see elevated levels of cyber espionage activity” 

The Symantec report said the ‘Ehdoor’ backdoor was initially used in late 2016 to target government, military and military-affiliated targets in the Middle East and elsewhere.

 

Image source: CSO Online
Source: Express Tribune/Reuters

Total
0
Shares
Share 0
Tweet 0
Pin it 0
Related Topics
  • CERT-In
  • CLICKBAIT
  • CSO
  • CSO Online
  • cybersecurity attack
  • Ehdoor
  • Federal Investigation Agency
  • FireEye
  • Gulshan Rai
  • Indian Computer Emergency Response Team
  • Revokery
  • Spynote
  • Symantec
  • Tim Wellsmore
  • WannaCry
Content Desk

Previous Article
  • Business
  • CIO

JS Bank and Paysys Labs Collaborate to Launch Mobile Based Biometric Solution: Instascan

  • August 29, 2017
  • Content Desk
View Post
Next Article
  • News

Bank Alfalah Lands Two Awards at the Consumer Choice Awards

  • August 29, 2017
  • Content Desk
View Post
You May Also Like
View Post
  • Business
  • Wired

Flat-lining ICT exports

  • Sub Editor
  • January 26, 2023
View Post
  • Business
  • Wired

All You Need to Know About Pakistan’s Influencer Industry – Walee Pak Influencer Industry Insights Report 2021-22

  • Sub Editor
  • January 24, 2023
View Post
  • Business
  • Wired

The fastest growing jobs in Pakistan right now

  • Sub Editor
  • January 20, 2023
View Post
  • Business
  • Wired

SBP makes it easier for IT exporters to increase their income

  • Sub Editor
  • January 15, 2023
View Post
  • Business
  • Cellcos

Annual Report on Cybersecurity 2022 by PTA

  • Sub Editor
  • January 11, 2023
View Post
  • Business
  • PayTech

Businessmen in Islamabad want investors to turn profits into cryptocurrency assets.

  • Sub Editor
  • January 6, 2023
View Post
  • Business

Researchers developed a risky quantum decryption technique.

  • Sub Editor
  • December 23, 2022
View Post
  • Business
  • Wired

Zong 4G, Hands Pakistan Partner with Parks & Horticulture Authority to Develop Urban Forest in Multan

  • Sub Editor
  • December 13, 2022
View Post
  • Business

Jazz Signs Agreement: Garaj For Cloud Services

  • Sub Editor
  • December 3, 2022
View Post
  • Business

A Look At Karachi Qualifying Round Of Digital Pakistan Cyber Security Hackathon 2022 By Ignite

  • Sub Editor
  • December 2, 2022
View Post
  • Business

Sen. Senate: Google Will Soon Start Doing Business in Pakistan.

  • Sub Editor
  • November 24, 2022
View Post
  • Business

PTA Grants IoT Licences To Two Fresh Businesses

  • Sub Editor
  • November 10, 2022
View Post
  • Business
  • Wired

Pakistan at 75: LSE Summit in 2022

  • Sub Editor
  • October 28, 2022
View Post
  • Business

SECP Fixes Massive Data Leak Of Registered Company Information

  • webdesk
  • September 13, 2022
View Post
  • Business

Massive Data Breach The EDF Website of the Commerce Ministry

  • webdesk
  • September 1, 2022
View Post
  • Business

PTA Offers Two Local Businesses LDI Licenses

  • webdesk
  • August 2, 2022
View Post
  • Business

Permitting WeChat Service: SECP Says Go!

  • webdesk
  • August 2, 2022
View Post
  • Business

SBP Management Attends OICCI Interactive Meeting With Members To Allay Concerns

  • webdesk
  • August 2, 2022
View Post
  • Business

SECP To Introduce Companies for Digital Asset Management

  • webdesk
  • August 1, 2022
View Post
  • Business

STZA Signs Letter Of Intent with China’s SEDA To Further Technical Collaboration

  • webdesk
  • August 1, 2022

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

about
About
Launched in 1967 internationally, Computerworld Magazine is the oldest tech magazine/media property brand in the world. Today Computerworld (abbreviated as CW) is an ongoing decades old professional publication which in 2014 "went digital”. In Pakistan Computerworld was launched in 1995. Initially providing news to IT executives only, once CIO Pakistan from the same family launched, and took over the domain, CW Pakistan has slowly emerged as a holistic technology news platform reporting everything tech in the country. It remains the oldest running continuous IT media publishing platform in the country and approaching 3 decades of existence, it has been the industry’s biggest benchmark and hopes to continue for years to come.
Read more
Explore Computerworld Sites Globally
  • ComputerWorld.es
  • computerworld.com.pt
  • Computerworld.com
  • cw.no
  • computerworldmexico.com.mx
  • computerwoche.de
  • computersweden.idg.se
  • computerworld.hu
  • cwi.it
  • project.nikkeibp.co.jp
Content from other IDG brands
  • PCWorld
  • Macworld
  • Infoworld
  • TechHive
  • GameStar
  • Network world
CW Pakistan
  • CWPK
  • CXO
  • WALLET
  • Demo
CW Media & all its sub brands are copyrighted to SPIN-IDG Wakhan Media Inc., the publishing arm of NCC-RP Group. Site is designed by Crunch Collective ©️ 2022

Input your search keywords and press Enter.