September 27, 2023

A US-based private cybersecurity company said it has uncovered evidence that an Indian media conglomerate, as well as a police department and the agency responsible for the country”s national identification database have been hacked, likely by a state-sponsored Chinese group.

The Insikt Group, the threat research division of Massachusetts-based Recorded the hacking group, given the temporary name TAG-28, made use of Winnti malware, which it said is exclusively shared among several Chinese state-sponsored activity groups.

The group says it detected four IP addresses assigned to the Bennett Coleman And Co. Ltd. media company in “sustained and substantial network communications” with two Winnti servers between February and August.

It said is observed approximately 500MB of data being extracted from the network of the privately owned Mumbai company, whose publications include The Times of India.

The Insikt Group said it also observed some 5MB of data transferred in a similar fashion from the police department of Madhya Pradesh state.

As the group said it also identified a compromise in June and July of UIDAI, detecting some 10MB of data downloaded from the network and almost 30MB uploaded, possibly indicating the deployment of additional malicious tooling from the attacker infrastructure.

UIDAI has a well-designed, multi-layered robust security system in place and the same is being constantly upgraded to maintain the highest level of data security and integrity. UIDAI Strongly denied

Tags:

Leave a Reply

You may have missed

BORN Canada latest victim of MoveIT data breach

September 27, 2023

Hardware Supply Chain Risk Assessment from CISA

September 27, 2023

Sony attack – Ransomed.vc claims responsibility

September 26, 2023

Chrome Zeroday – CVE-2023-4863 PoC Exploit Released

September 25, 2023

BlackCat adds Clarion to its Victim list

September 24, 2023

TheCyberThrone Security Week In Review – September 23, 2023

September 24, 2023
%d bloggers like this: