Tag: india
-
New DRAT V2 Update Enhances C2 Protocol with Shell Command Execution Capabilities
A new variant of the DRAT remote access trojan (RAT), dubbed DRAT V2, has been uncovered as part of a TAG-140 campaign targeting Indian government entities. This threat actor, believed to overlap with SideCopy and linked to Transparent Tribe (aka APT36), demonstrates a consistent pattern of refining its malware arsenal. TAG-140 Evolves Malware Arsenal The…
-
APT36 Hackers Target Indian Defense Personnel with Sophisticated Phishing Campaign
APT36, also known as Transparent Tribe, a Pakistan-based cyber espionage group, has launched a highly sophisticated phishing campaign targeting Indian defense personnel. According to recent findings by CYFIRMA, this group has meticulously crafted phishing emails that deliver malicious PDF attachments disguised as official government documents. Cyber Espionage Group Transparent Tribe Strikes Again These deceptive files…
-
Indian Car-Sharing Firm Zoomcar Latest to Suffer Breach
The company acknowledged that cybercriminals had taken sensitive information on more than 8 million users, including names, phone numbers, car registration numbers, addresses, and emails. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/indian-car-sharing-firm-zoomcar-breach
-
Observability startup Coralogix becomes a unicorn, eyes India expansion
With the influx of cash, Coralogix is looking to expand its engineering base in India and develop its AI agent. First seen on techcrunch.com Jump to article: techcrunch.com/2025/06/17/observability-startup-coralogix-becomes-a-unicorn-eyes-india-expansion/
-
India-based car-sharing company Zoomcar suffered a data breach impacting 8.4M users
Zoomcar disclosed a data breach impacting 8.4M users after attackers compromised its systems and contacted company staff. Zoomcar is an India-based car-sharing and self-drive car rental company. Zoomcar discovered the data breach impacting 8.4M users after threat actors contacted internal personnel, claiming to have compromised internal systems. The company is investigating the security…
-
Google to scale up AI-powered fraud detection and security operations in India
Google has unveiled its Safety Charter in India, which will expand its AI-led developments for fraud detection and combating scams across the country, the company’s largest market outside the United States. Digital fraud in India is rising. Fraud related to the Indian government’s instant payment system UPI grew 85% year-over-year to nearly 11 billion Indian…
-
8.4 million people affected by data breach at Indian car share company Zoomcar
The Bengaluru-based company told investors that it initially became aware of the breach on June 9. First seen on therecord.media Jump to article: therecord.media/8-million-affected-zoomcar-data-breach
-
India’s Security Leaders Struggle to Keep Up With Threats
Business and security executives in the South Asian nation worry over AI, cybersecurity, new digital privacy regulations, and a talent gap that hobbles innovation. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/india-security-leaders-struggle-threats
-
Indian Authorities Bust Cybercriminals Posing as Microsoft Tech Support
India’s Central Bureau of Investigation (CBI), the nation’s federal law enforcement agency, launched a sweeping operation targeting cyber-enabled financial fraud networks. Raids at 19 locations across India dismantled a sophisticated tech support scam operation impersonating Microsoft, primarily victimizing older adults in Japan. Major Crackdown on Tech Support Fraud Networks The operation led to the arrest…
-
Bitter Malware Employs Custom-Built Tools to Evade Detection in Advanced Attacks
Recent research by Proofpoint and Threatray has unveiled the intricate and evolving malware arsenal of the Bitter group, also known as TA397, believed to be a state-backed actor aligned with the interests of the Indian government. Active since 2016, Bitter has transformed its operations from deploying rudimentary downloaders to orchestrating sophisticated Remote Access…
-
TA397’s Global Targeting Tactics Reveal Indian State-Backed Cyber Operations
The post TA397’s Global Targeting Tactics Reveal Indian State-Backed Cyber Operations appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/ta397s-global-targeting-tactics-reveal-indian-state-backed-cyber-operations/
-
Microsoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support Scam
India’s Central Bureau of Investigation (CBI) has revealed that it has arrested four individuals and dismantled two illegal call centers that were found to be engaging in a sophisticated transnational tech support scam targeting Japanese citizens. The law enforcement agency said it conducted coordinated searches at 19 locations across Delhi, Haryana, and Uttar Pradesh on May…
-
Cyberattack on a Grocery Delivery Service in India
Indian grocery startup KiranaPro was hacked and its servers deleted, CEO confirms First seen on techcrunch.com Jump to article: techcrunch.com/2025/06/03/indian-grocery-startup-kiranapro-was-hacked-and-its-servers-deleted-ceo-confirms/
-
Researchers Detail Bitter APT’s Evolving Tactics as Its Geographic Scope Expands
The threat actor known as Bitter has been assessed to be a state-backed hacking group that’s tasked with gathering intelligence that aligns with the interests of the Indian government. That’s according to new findings jointly published by Proofpoint and Threatray in an exhaustive two-part analysis. “Their diverse toolset shows consistent coding patterns across malware families, particularly in…
-
New evidence links long-running hacking group to Indian government
Two cybersecurity companies issued reports tying a cyber-espionage group known as Bitter or TA397 more directly to the Indian government. First seen on therecord.media Jump to article: therecord.media/india-cyber-espionage-bitter-ta397
-
TA397 Hackers Exploits Scheduled Tasks to Deploy Malware on Targeted Systems
A recent in-depth analysis by Proofpoint Threat Research has shed light on the sophisticated operations of TA397, also known as Bitter, a suspected state-backed threat actor highly likely aligned with Indian intelligence interests. Identified as an espionage-focused group, TA397 has been actively targeting entities across Europe and Asia, particularly those with connections to China, Pakistan,…
-
Cyberattack eradicates Indian grocery startup’s data
First seen on scworld.com Jump to article: www.scworld.com/brief/cyberattack-eradicates-indian-grocery-startups-data
-
The Ramifications of Ukraine’s Drone Attack
You can read the details of Operation Spiderweb elsewhere. What interests me are the implications for future warfare: If the Ukrainians could sneak drones so close to major air bases in a police state such as Russia, what is to prevent the Chinese from doing the same with U.S. air bases? Or the Pakistanis with…
-
StormWall Reveals India, China and US Faced Most DDoS Attacks in Q1 2025
Shift in cyberattack focus puts APAC region under growing pressure. First seen on hackread.com Jump to article: hackread.com/stormwall-india-china-us-most-ddos-attacks-q1-2025/
-
‘Deliberate attack’ deletes shopping app’s AWS and GitHub resources
CEO of India’s KiranaPro, which brings convenience stores online, vows to name the perp First seen on theregister.com Jump to article: www.theregister.com/2025/06/04/kiranapro_cyberattack_deletes_cloud_resources/
-
Coinbase breach tied to bribed TaskUs support agents in India
A recently disclosed data breach at Coinbase has been linked to India-based customer support representatives from outsourcing firm TaskUs, who threat actors bribed to steal data from the crypto exchange. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coinbase-breach-tied-to-bribed-taskus-support-agents-in-india/
-
Indian grocery startup KiranaPro was hacked and its servers deleted, CEO confirms
The company said the cyberattack destroyed its servers and customer data. First seen on techcrunch.com Jump to article: techcrunch.com/2025/06/03/indian-grocery-startup-kiranapro-was-hacked-and-its-servers-deleted-ceo-confirms/
-
One hacker, many names: Industry collaboration aims to fix cyber threat label chaos
Tags: advisory, attack, blizzard, china, corporate, country, crowdstrike, cyber, cybersecurity, group, guide, hacker, india, intelligence, international, microsoft, risk, russia, threat
Building a translation guide, not a standard: The collaboration is analyst-driven, focusing on harmonizing known adversary profiles through direct cooperation between the companies’ threat research teams. Already, the effort has led to alignment on more than 80 threat actors, confirming connections that had previously been uncertain. The companies describe their effort as creating a “Rosetta Stone”…
-
Bitter APT Targets Pakistan Telecom Amidst Border Tensions with New Cyberattack!
As tensions flared between India and Pakistan during Operation Sindoor on May 7, 2025, a covert cyber offensive First seen on securityonline.info Jump to article: securityonline.info/bitter-apt-targets-pakistan-telecom-amidst-border-tensions-with-new-cyberattack/
-
China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil
The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in Brazil, India, and Southeast Asia since 2023. “The threat actor mainly targets the SQL injection vulnerabilities discovered on web applications to access the SQL servers of targeted…
-
Earth Lamia Hackers Exploits Vulnerabilities in Web Applications to Attack Multiple Industries
Cybersecurity researchers at Trend Research have uncovered the aggressive operations of Earth Lamia, an Advanced Persistent Threat (APT) group with a China-nexus, targeting organizations across Brazil, India, and Southeast Asia since 2023. This threat actor has demonstrated a sophisticated approach to cyber intrusions by exploiting SQL injection vulnerabilities in web applications to infiltrate SQL servers…
-
Indian Police Arrest Cybercrime Gang Copycats of Myanmar Biz Model
The region offers attractive conditions: a large pool of tech workers, economic disparity, and weak enforcement of cybercrime laws, all of which attract businesses legitimate and shady. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/indian-police-arrest-cybercrime-gang-copycats-myanmar-biz-model
-
APT36 and Sidecopy Hackers Target India’s Critical Infrastructure with Malware Attacks
Tags: attack, cyber, defense, government, group, hacker, healthcare, india, infrastructure, malware, threat
Seqrite Labs, India’s largest malware analysis facility, has uncovered a sophisticated campaign dubbed Operation Sindoor, orchestrated by Pakistan-aligned threat groups APT36 and Sidecopy. Launched on May 7, 2025, this state-sponsored Advanced Persistent Threat (APT) activity, combined with coordinated hacktivist operations, targeted India’s critical sectors, including defense, government IT infrastructure, healthcare, telecom, and education. Operation Sindoor…
-
Fake DigiYatra Apps Target Indian Users to Steal Financial Data
Threat actors have been exploiting the trust in India’s digital public infrastructure by setting up a deceptive phishing site, digiyatra[.]in, impersonating the DigiYatra Foundation. This fraudulent website, still live at the time of reporting, is being used to harvest personal user data by presenting itself as an official service for air travelers. Data Harvesting The…

