Tag: India
-

The Taxman’s Shadow: Blackmoon Trojan Hijacks IT Tools to Spy on Indian Taxpayers
Fabricated notifications impersonating the Income Tax Department of India have emerged as the facade for a sophisticated malware campaign, culminating in the deployment of the Blackmoon banking trojan. This offensive specifically targets the Indian populace, facilitating the clandestine installation of a multi-stage remote access apparatus, ostensibly orchestrated for the purposes of a cyber-espionage operation. According…
-

The Source Code Standoff: India’s New Security Rules Alarm Apple and Samsung
A formidable confrontation is brewing in India between the state and preeminent smartphone manufacturers. The nation’s authorities are contemplating stringent new security mandates for mobile devices, which have already provoked sharp, albeit largely unspoken, resentment from titans such as Apple and Samsung. According to the Indian government’s initiative, smartphone architects may be compelled to relinquish…
-

The Adaptive Spy: Transparent Tribe’s New RAT Outsmarts Antivirus to Target India
The hacking group known as Transparent Tribe has launched a new wave of cyber-espionage operations targeting government bodies, research institutions, and strategically important organizations in India. The attackers’ primary weapon is yet another variant of a remote access trojan (RAT), designed to maintain a persistent foothold within compromised systems. According to Cyfirma, the current campaign…
-

Transparent Tribe APT Deploys DeskRAT to Spy on Indian Government Linux Systems
The Pakistani hacking collective known as Transparent Tribe (APT36) has intensified cyber-espionage operations against Indian government institutions, deploying a new Go-written malware dubbed DeskRAT, researchers at Sekoia reported after observing activity in August and September of this year. The campaign continues a pattern of attacks previously documented by CYFIRMA. DeskRAT is propagated via phishing emails…
-
The AI Propaganda War: Inside the India-Pakistan Influence Networks
Insikt Group has published a comprehensive study on two influence networks that were active during the conflict between India and Pakistan in the spring of 2025. The report highlights Hidden Charkha, which promoted pro-Indian narratives, and Khyber Defender, which targeted Pakistani audiences. According to analysts, both networks almost certainly operated in alignment with their respective…
-

APT36 Launches New Cyber-Espionage Campaign on Indian Govt
APT36, also known as Transparent Tribe, has launched a new espionage campaign targeting government and defense institutions in India. This Pakistan-linked group, active since at least 2013, has long relied on phishing campaigns and credential theft to infiltrate restricted systems. In their latest operation, the attackers introduced a novel infection technique, leveraging “.desktop” files in…
-

Patchwork APT Targets Turkey’s Defense Sector: Indian Cyber-Espionage Group Seeks Hypersonic & UAV Secrets
The threat group known as Patchwork—also operating under aliases such as APT-C-09, APT-Q-36, Chinastrats, Dropping Elephant, Operation Hangover, Quilted Tiger, and Zinc Emerson—has launched a new targeted phishing campaign aimed at Turkey’s defense sector. According to analysts, the primary objective of the attackers is to obtain sensitive information related to the development of unmanned platforms…
-

New Android Banking Malware Targets Indian Banks: Steals Credentials, Intercepts OTPs via Fake Apps
Researchers at CYFIRMA have issued a warning about a new wave of cyberattacks leveraging malicious Android applications disguised as legitimate banking clients. These apps are designed to steal user credentials, intercept messages, and execute unauthorized financial transactions. According to analysts, the campaign is particularly aggressive in targeting customers of Indian banks, employing sophisticated evasion techniques…
-

CoinDCX Hacked for $44 Million in Crypto: Internal Account Breached, User Funds Safe
This past weekend, Indian cryptocurrency platform CoinDCX suffered a large-scale cyberattack, resulting in the theft of over $44 million in digital assets. The breach affected only the company’s internal operational account, with user funds reportedly remaining untouched, according to co-founders Neeraj Khandelwal and Sumit Gupta. Signs of the incident first appeared on the co-founders’ social…
-

Pakistan-Aligned APT36 Unleashes DRAT V2: New Delphi RAT Targets Indian Government
A hacker group with affiliations beyond Pakistan has once again drawn attention following its attacks on Indian government entities. According to researchers at Recorded Future, the activity is attributed to the cyber threat group TAG-140, which is believed to intersect with the notorious SideCopy collective—part of the broader operation known as Transparent Tribe (also referred…
-

APT36 Unleashes Advanced Phishing Against Indian Defense Personnel: New Anti-Analysis Malware & NIC Impersonation
The Pakistani cyber-espionage group APT36, also known as Transparent Tribe, has launched a sophisticated new phishing campaign targeting personnel within India’s defense sector. Experts at CYFIRMA have uncovered that the threat actors are employing highly deceptive tactics, disguising malicious payloads as official government documents. In these attacks, APT36 leverages counterfeit emails that include PDF attachments…
-
Massive India Data Breach Exposes Millions of Biometric Records
A massive data breach in India has exposed the biometric data of millions of citizens. An unsecured database containing fingerprints and facial scans of police, military personnel, and civilians was discovered during the general elections, raising serious concerns about identity theft and election security. According to cybersecurity expert Jeremiah Fowler, the unsecured database, containing over…
-
Micron will build packaging and testing facilities in India
Recently, Micron declared its intention to establish packaging and testing facilities in Gujarat, India, marking its first factory in the country. Micron stated that the new facility would be built in phases, with construction expected to commence within this year. The first phase includes a 500,000-square-foot clean room, projected to commence operations by…
-
Indian government asks VPN providers to share customer data
The Indian government has now ordered virtual private network providers to record user data and share it with government agencies, including user purpose and identity information. The Indian Computer Emergency Response Team is responsible for the matter, and VPN providers are to log and hand over customer data. At the same time, the VPN provider must…
-
Canalys announced the 2022 Q1 India’s smartphone market report
Recently, Canalys, an international research organization, released a report on smartphone shipments in the Indian market in Q1 2022. It said total shipments were 38 million smartphones, an annual growth rate of just 2%, which it said was mainly due to suppliers experiencing intermittent supply issues. At the same time, Canalys also announced the shipments…
