CYBER 101

  • Alerts
  • Blog
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Domains
  • FAQ
  • Incidents
  • Tutorials

Subscribe to our newsletter

FOLLOW US

No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
  • Jobs
  • Vendors
Get Help
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
  • Jobs
  • Vendors
Get Help
CyberMaterial
Home Alerts

Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials

December 26, 2022
Reading Time: 2 mins read
in Alerts

 

A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that’s used by Indian government officials.

Cybersecurity firm Securonix dubbed the activity STEPPY#KAVACH, attributing it to a threat actor known as SideCopy based on tactical overlaps with prior attacks.

“.LNK files are used to initiate code execution which eventually downloads and runs a malicious C# payload, which functions as a remote access trojan (RAT),” Securonix researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov said in a new report.

SideCopy, a hacking crew believed to be of Pakistani origin and active since at least 2019, is said to share ties with another actor called Transparent Tribe (aka APT36 or Mythic Leopard).

It’s also known to impersonate attack chains leveraged by SideWinder, a prolific nation-state group that disproportionately singles out Pakistan-based military entities, to deploy its own toolset.

That said, this is not the first time Kavach has emerged as a target for the actor. In July 2021, Cisco Talos detailed an espionage operation that was undertaken to steal credentials from Indian government employees.

Kavach-themed decoy apps have since been co-opted by Transparent Tribe in its attacks targeting India since the start of the year.

 

READ FULL ARTICLE

Tags: AlertsAlerts 2022December 2022GovernmentIndiaKavachPhishing CampaignSecuronixSideCopySTEPPY#KAVACHTransparent TribeTwo-Factor Authentication (2FA)
0
VIEWS
ADVERTISEMENT

Related Posts

GoAnywhere MFT Users Warned of Zero-Day Exploit

GoAnywhere MFT Users Warned of Zero-Day Exploit

February 6, 2023
PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

February 6, 2023
Massive Ransomware Campaign Targets VMware ESXi Servers

Massive Ransomware Campaign Targets VMware ESXi Servers

February 6, 2023
Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

February 2, 2023

More Articles

Alerts

UK and partners condemn GRU cyber attacks against Olympic and Paralympic Games

October 26, 2020
Incidents

Lorenz Ransomware Exploit Mitel VoIP Systems

September 14, 2022
Entertainment

Ecommerce shopping

December 16, 2020
Course

GDPR Practitioner Course

March 24, 2022

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
  • Report Cyber Incident
  • GET HELP

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.