Hacker groups SideCopy and Transparent Tribe (APT36), based in Pakistan, are targeting the Indian government's cyber systems. According to the cybersecurity firm Quick Heal, the groups are trying to target defence IT systems by launching malware attacks amid the 2024 Lok Sabha election results.

APT cyber criminals have targeted the Indian government during general elections before. However, attack volumes have surged recently. In recent weeks, the company has detected three distinct campaigns launched by SideCopy, each characterised by the deployment of two instances of the AllaKore remote access trojan (RAT) as the final malicious payload.

"The infection typically commences with spear-phishing emails delivering malicious attachments or links that exploit vulnerabilities to gain initial footholds within target networks," Sanjay Katkar, joint managing director at Quick Heal Technologies, told Economic Times.

"Once compromised, these entry points are leveraged to deploy an array of malware payloads, including the AllaKore and Crimson RATs, granting the attackers extensive remote control and unfettered access to infected systems," he said.