US researchers uncover Pak cyber espionage group targeting India with suspected Govt links

[illusion8]

US based researchers have uncovered an Islamabad based cyber espionage group that targets India and is suspected to have direct links with the Pakistani government.



The group, which has been tracked by a joint research team for over a year, is believed to have sent out malware that infects targeted computers in India for key documents and files that are then routed back to Pakistan through a complex online web.


While Pakistan cyber groups have been targeting Indian entities for years, what sets this new report by the FireEye labs and CyberSquared Inc's Threat Connect Intelligence Research Team (TCIRT) apart is the fact that the group is suspected to have direct contact with the Pakistan government, pointing to a larger possible state sponsored effort.

The report titled `Operation Arachnophobia' reveals that the Islamabad based Tranchulas Company is suspected to have initiated the `Bitterbug' malware that is spread through documents that have a key Indian target group. There is little information however in the report on the extent of damage that malware has done to Indian entities.

The malware, which has the ability to identify specific files on the target computer, has been spread through documents like a report last year on the `then-recent death of "Sarabjit Singh"', the Indian national who had been imprisoned in Pakistan on espionage charges as well as an `Indian Government pension memorandum'.

Other documents that were used to spread the bug included a document on the arrest and indictment of diplomat Devyani Khobragade in New York in December last year.

The researchers indicate that it is highly probable that Tranchulas is connected to the Pakistan government. "It is likely that Tranchulas provides services to the Pakistani government. The offensive cyber initiative services offered by Tranchulas is offered to "national-level cyber security programs" suggesting a commercial demand from "national-level" customers," the report says.

The bug, the report elaborates is directed at India. "Operation Arachnophobia consists of an apparent targeted exploitation campaign, dating back to early 2013, using the BITTERBUG malware family and seemingly directed against entities involved in India-Pakistan issues," the report says, adding that it can `confidently point to many characteristics of a Pakistan-based cyber exploitation effort that is probably directed against Indian targets or those who are involved in India-Pakistan issues'.

How it works:

The BITTERBUG uses India specific documents and files to infect a computer. This can range from a document on the Khobragade affair to a report on Sarabjit Singh and Indian government circulars.

Once in the system, the BITTERBUG scans for files with extensions like .doc, .ppt, .xls, .pdf, .docx, .pptx, .pps, .xlsx .

A file list containing all documents is then generated.

After this a message is sent to the attacker that the computer is compromised. The files are then exported to Islamabad based cyber company.



US researchers uncover Pak cyber espionage group targeting India with suspected Govt links : India, News - India Today

Looks like the joint cyber security ops has begun from last year.

 

[Echo_419]

US based researchers have uncovered an Islamabad based cyber espionage group that targets India and is suspected to have direct links with the Pakistani government.



The group, which has been tracked by a joint research team for over a year, is believed to have sent out malware that infects targeted computers in India for key documents and files that are then routed back to Pakistan through a complex online web.


While Pakistan cyber groups have been targeting Indian entities for years, what sets this new report by the FireEye labs and CyberSquared Inc's Threat Connect Intelligence Research Team (TCIRT) apart is the fact that the group is suspected to have direct contact with the Pakistan government, pointing to a larger possible state sponsored effort.

The report titled `Operation Arachnophobia' reveals that the Islamabad based Tranchulas Company is suspected to have initiated the `Bitterbug' malware that is spread through documents that have a key Indian target group. There is little information however in the report on the extent of damage that malware has done to Indian entities.

The malware, which has the ability to identify specific files on the target computer, has been spread through documents like a report last year on the `then-recent death of "Sarabjit Singh"', the Indian national who had been imprisoned in Pakistan on espionage charges as well as an `Indian Government pension memorandum'.

Other documents that were used to spread the bug included a document on the arrest and indictment of diplomat Devyani Khobragade in New York in December last year.

The researchers indicate that it is highly probable that Tranchulas is connected to the Pakistan government. "It is likely that Tranchulas provides services to the Pakistani government. The offensive cyber initiative services offered by Tranchulas is offered to "national-level cyber security programs" suggesting a commercial demand from "national-level" customers," the report says.

The bug, the report elaborates is directed at India. "Operation Arachnophobia consists of an apparent targeted exploitation campaign, dating back to early 2013, using the BITTERBUG malware family and seemingly directed against entities involved in India-Pakistan issues," the report says, adding that it can `confidently point to many characteristics of a Pakistan-based cyber exploitation effort that is probably directed against Indian targets or those who are involved in India-Pakistan issues'.

How it works:

The BITTERBUG uses India specific documents and files to infect a computer. This can range from a document on the Khobragade affair to a report on Sarabjit Singh and Indian government circulars.

Once in the system, the BITTERBUG scans for files with extensions like .doc, .ppt, .xls, .pdf, .docx, .pptx, .pps, .xlsx .

A file list containing all documents is then generated.

After this a message is sent to the attacker that the computer is compromised. The files are then exported to Islamabad based cyber company.



US researchers uncover Pak cyber espionage group targeting India with suspected Govt links : India, News - India Today

Looks like the joint cyber security ops has begun from last year.

Looks like typewriters are gonna find their way back to Govt offices

 

[SrNair]

And the Americans are soooo innocent .They will scare when they see Computers.Cut the crap .
These Americans targeted us with a 5th position honour in this world.
Our GoI already knows this Pak adjustment.But Pakistanis are nowhere nearer to the Chinese.And US is far better than Chinese.
Those who targeted all of the computers in this world is now teaching us about cybersecurity.So much concerned about India's security.
Lolll such a hypocrite nation.

 

[Viny]

All that cyber research team of USA could find was a virus of 1990's technology.
World of malware has changed and so does the world of getting required data.

 

[axisofevil]

I wonder how come the Indian gov't doens;t follow real time developments globally as they occur? Under the UPA, Pakistan and China made cooperation in various fields a priority, specifically Cyberwarfare. It was the one area Pakistan specifically asked for. Shouldn't that have rang bells in the Indian establishment?



Instead of pointing the fingers at the US, think for a moment.

And the Americans are soooo innocent .They will scare when they see Computers.Cut the crap .
These Americans targeted us with a 5th position honour in this world.
Our GoI already knows this Pak adjustment.But Pakistanis are nowhere nearer to the Chinese.And US is far better than Chinese.
Those who targeted all of the computers in this world is now teaching us about cybersecurity.So much concerned about India's security.
Lolll such a hypocrite nation.

Whats up with your bais against the US? You seem to protect and defend Pakistan and CHina whenever you get a chance? So what is the US is the best? They all engage in cyberwarfare but all I care about is India and how far behind we are. You don't think a country as big as us wouldn't be targetted? Im pretty sure we are targetted by many more nations.


As for Pakistan and CHina, they have been working together for a long time and their relationship has hit new levels. Even after Modi being elected, PLA still entering India. What does that say? They cant read a map? Their GPS sucks? I can tell you one thing, Pakistan cyberwarfare is only going to get alot better, they 're using it as a tool in asymmetric warfare. They know they cant compete on India's level, so they are taking a page from China's playbook on the US. Food for thought.


But you cant seem to understand that because your view is so jaded by your extreme hate for the US. CHina killed our troops, when has the US done so? NEVER!


I rather have the US on top of the world than CHina or Pakistan....how do you think they would act?

All that cyber research team of USA could find was a virus of 1990's technology.
World of malware has changed and so does the world of getting required data.

Mooot point. The most effective malware till date and continually used are trojans. IF anyone is aware of the changing world of cyberwarfare it would be the US. The fact that Pakistan can f-k with us, speaks volumes. The only problem with using cyberwarfare tit for tat, is that you reveal your tech and advances which helps your enemies and competitors to learn and build as well.

 

[SrNair]

I wonder how come the Indian gov't doens;t follow real time developments globally as they occur? Under the UPA, Pakistan and China made cooperation in various fields a priority, specifically Cyberwarfare. It was the one area Pakistan specifically asked for. Shouldn't that have rang bells in the Indian establishment?



Instead of pointing the fingers at the US, think for a moment.



Whats up with your bais against the US? You seem to protect and defend Pakistan and CHina whenever you get a chance? So what is the US is the best? They all engage in cyberwarfare but all I care about is India and how far behind we are. You don't think a country as big as us wouldn't be targetted? Im pretty sure we are targetted by many more nations.


As for Pakistan and CHina, they have been working together for a long time and their relationship has hit new levels. Even after Modi being elected, PLA still entering India. What does that say? They cant read a map? Their GPS sucks? I can tell you one thing, Pakistan cyberwarfare is only going to get alot better, they 're using it as a tool in asymmetric warfare. They know they cant compete on India's level, so they are taking a page from China's playbook on the US. Food for thought.


But you cant seem to understand that because your view is so jaded by your extreme hate for the US. CHina killed our troops, when has the US done so? NEVER!


I rather have the US on top of the world than CHina or Pakistan....how do you think they would act?






Mooot point. The most effective malware till date and continually used are trojans. IF anyone is aware of the changing world of cyberwarfare it would be the US. The fact that Pakistan can f-k with us, speaks volumes. The only problem with using cyberwarfare tit for tat, is that you reveal your tech and advances which helps your enemies and competitors to learn and build as well.

We dont need anyone one sided advice.GoI knows US,Pakistan and China.Pakistan and China have some enemity against us.So we are expecting any kind of threat from these nations and it is understandable.
What was the NSA's reason behind the snooping against BJP and its leaders?
Why should they target our nuclear and space field for info when a gutless Congress govt was in centre?

All I am saying .Instead of US if Norway or Finland or any other like nation issued a threat like that we can understan.But US is not a saint.
Chinese or Pak goes at anylevel and it is understandable.Pakistan dont have a cyber capabilities like China.For that thry need a lot of funding.Till then our prime threat would be the PRC.

 

[axisofevil]

We dont need anyone one sided advice.GoI knows US,Pakistan and China.Pakistan and China have some enemity against us.So we are expecting any kind of threat from these nations and it is understandable.
What was the NSA's reason behind the snooping against BJP and its leaders?
Why should they target our nuclear and space field for info when a gutless Congress govt was in centre?

All I am saying .Instead of US if Norway or Finland or any other like nation issued a threat like that we can understan.But US is not a saint.
Chinese or Pak goes at anylevel and it is understandable.Pakistan dont have a cyber capabilities like China.For that thry need a lot of funding.Till then our prime threat would be the PRC.

I dont care about sainthood. Im asking you who has fought wars with India? China and Pakistan? Or the big bad US?


As for snooping, dude every nation in the world with the capabiity engages in it? The question is where do you draw the line? Seeing the BJP up and rising, I think any country would be interested to learn what are its views and how to deal with them. You think the NSA wasn't snooping on Congress? Just ask our own NSA?



Like I said before, every nation on Earth will track the developments of every other nation if it can.


CHina and PAkistan does not have some enemity. They have full blown enemity against INdia.



The reality is that the US is far ahead of us. If Pakistan is making inroads and hurting India, its not in our interests and it's not in India's.


Last;y, let me remind you, it is the US who is trying to bring Pakistan and India to the table to make peace. India cut of its meeting with Pakistan after they went to meet Kashmiri separatists? WHo the f-k alows Kashmiris separatists to go to Pakistan and chit chat? Isn't that against our national security? CONGRESS has allowed them to do that for decades, yet they are the same idiots who did nothing yet jumped to bash Modi. They must really think Indians are fools and have short term memory, why else would they yapp about such stupid stuff?

 

[-1o1-]

Nothing much can be done US made the net,But never lose hope All hail uncle sam

 

[TejasMk3]

Nothing much can be done US made the net,But never lose hope All hail uncle sam

Actually Britain made the net, Tim Berners Lee is British

 

[SrNair]

I dont care about sainthood. Im asking you who has fought wars with India? China and Pakistan? Or the big bad US?


As for snooping, dude every nation in the world with the capabiity engages in it? The question is where do you draw the line? Seeing the BJP up and rising, I think any country would be interested to learn what are its views and how to deal with them. You think the NSA wasn't snooping on Congress? Just ask our own NSA?



Like I said before, every nation on Earth will track the developments of every other nation if it can.


CHina and PAkistan does not have some enemity. They have full blown enemity against INdia.



The reality is that the US is far ahead of us. If Pakistan is making inroads and hurting India, its not in our interests and it's not in India's.


Last;y, let me remind you, it is the US who is trying to bring Pakistan and India to the table to make peace. India cut of its meeting with Pakistan after they went to meet Kashmiri separatists? WHo the f-k alows Kashmiris separatists to go to Pakistan and chit chat? Isn't that against our national security? CONGRESS has allowed them to do that for decades, yet they are the same idiots who did nothing yet jumped to bash Modi. They must really think Indians are fools and have short term memory, why else would they yapp about such stupid stuff?

Decision is ours and so its consequences and its responsibllity is also ours.We dont need anyones support that is above a certain limit.Good bilateral relation is enough.
We dont 'f' care whether US is ahead of us or not .US sincerity get a life a man.They dont do anything stupid now because of our status .They need us for their activity in Asia.But that was not the case in earlier decades.

 

[axisofevil]

Decision is ours and so its consequences and its responsibllity is also ours.We dont need anyones support that is above a certain limit.Good bilateral relation is enough.
We dont 'f' care whether US is ahead of us or not .US sincerity get a life a man.They dont do anything stupid now because of our status .They need us for their activity in Asia.But that was not the case in earlier decades.

Tell me why does the US "need" us? What status? Were they not actively helping us on the world stage and hyping up our "status?" We are imporving but we have miles to go.


As for the decision, it involves every Indian not just you. I suspect many Indian youth love the US and what it stands for. They can see thru the BS. Sure, its not perfect but who is. Its a hell of lot better than other countries that sit around and lecture others about doing the right thing but wont do the right thing.


As for the US being ahead, I wasn't referring to India I as pointing out in terms of cyberwarfare and CHina.

 

[DesiGuy]

if true...I applaud pakistan's effort..! good going!

 

[TankMan]

Meanwhile, in NSA Headquarters: