Government sounds alarm over Zip files – ET CISO

Indian authorities have issued a caution to their personnel regarding a cyber threat group with ties to Pakistan. This group is exploiting a flaw in the WinRAR software to introduce trojans like AllaKore and Ares into government networks. WinRAR, a file archiver utility for Windows that can create and view archives in RAR or ZIP formats, is commonly used for managing compressed files.

According to a report in Moneycontrol, this is the latest in a string of attacks that government organisations in India have faced from cyber threat actors linked to foreign nation-states. These threat actors typically target institutions such as defence bodies to steal sensitive information.

A previous report by Moneycontrol highlighted alerts regarding cyber threat actors linked to Pakistan and China targeting Indian officials.

What techniques do these Pakistan-linked hackers use?
An advisory released by the government on April 9 and reviewed by the publication revealed that the group known as SideCopy is capitalising on the WinRAR vulnerability to silently run code that installs remote access trojans (RATs) such as AllaKore or Ares.

The security advisory detailed that the deployed payload is capable of stealing system information, recording keystrokes, capturing screenshots, managing file uploads and downloads, and remotely controlling the compromised system to execute commands and relay pilfered data to a command and control (C2) server.

Active since at least 2019, SideCopy is believed to be a Pakistani group that predominantly targets South Asian nations, especially the Indian defence sector and entities in Afghanistan.

Their typical strategy involves dispatching phishing emails containing defence-related baits. These emails bear harmful attachments that, once opened, install RATs to seize control over the targeted system.

The government’s advisory also included recommendations for officials to upgrade WinRAR to its most recent version, identify and segregate infected systems from the network, and conduct a thorough security audit of their cyber security infrastructure.

WinRAR is a file archiver utility for Windows that can create and view archives in RAR or ZIP formats, and unpack many archive file formats.

  • Published On May 3, 2024 at 10:51 AM IST
