Cyberattacks on Indian Government and Military Entities: A Growing Concern

As the general elections are underway in India, the country’s government and military entities are facing a new threat - cyberattacks. According to recent research, Pakistan-based hackers are using programming languages like Python, Golang, and Rust to target Indian government and military entities. These hackers are also abusing web services like Telegram, Discord, Slack, and Google Drive to carry out their malicious activities.

The research, conducted by Seqrite, has discovered three distinct campaigns targeting the Indian government by another Pakistan-based APT group, Sidecopy. The campaigns, which started in late 2023 and are likely to continue, have raised concerns about the security of India’s government and military entities.

Who is Transparent Tribe?

Transparent Tribe, also known as APT36, ProjectM, Mythic Leopard, or Earth Karkaddan, is a cyber surveillance threat group operating with a Pakistani nexus. The group has been operational since 2013 and has conducted cyber espionage operations against India’s education and defense sectors in the past.

“The group has conducted cyber espionage operations against India’s education and defense sectors in the past.”

Transparent Tribe primarily employs phishing emails as the preferred method of delivery for their payloads, utilizing either malicious ZIP archives or links. The group has also introduced new iterations, including the use of ISO images as an attack vector in October 2023.

A New Era of Cyber Warfare

The latest research has unveiled that Transparent Tribe is deploying a range of malicious tools, including a new Golang-compiled “all-in-one” espionage tool. This tool has the capability to find and exfiltrate files with popular file extensions, take screenshots, upload and download files, and execute commands.

Cyber warfare is becoming a major concern for governments and military entities around the world.

The research also discovered a remote IP address associated with a Pakistani-based mobile data network operator embedded within a spear-phishing email. The email set the time zone (TZ) variable to “Asia/Karachi,” which is Pakistan’s Standard Time.

The intensifying cyberattack campaigns come amidst the ongoing general elections in India, raising concerns about the security of the country’s government and military entities.

Cyberattacks are becoming more sophisticated and targeted.

As the world becomes increasingly dependent on technology, the threat of cyberattacks is becoming more pronounced. It is essential for governments and military entities to stay vigilant and take proactive measures to protect themselves from these malicious activities.

Cyber security is becoming a major concern for governments and military entities around the world.

In conclusion, the cyberattacks on Indian government and military entities are a growing concern that needs to be addressed immediately. It is essential for the Indian government to take proactive measures to protect itself from these malicious activities and ensure the security of its government and military entities.