An Indian hacking group – SideWinder – was found involved in attacking Pakistani government institutions by launching cyber attacks. The National Telecommunication and Information Security Board (NTISB) has issued an advisory saying that the Indian hacking group tried to steal sensitive information from Pakistani users by infiltrating the systems of NADRA, the Pakistan Air Force, and other Pakistani government institutions.
Indian Hacking Group Gained Illegal Access to Mailing System of Various Departments
According to NTISB, the Indian hacking group illegally uses Pakistani government identities to gain access to legitimate mailing systems of various departments in Pakistan. The group was found involved in launching cyberattacks using phishing emails; it gained access to government departments using the credentials and malware embedded in fake emails for cyber espionage operations.
The NTISB has advised all government departments to timely run all applications and operating systems using reputed and updated antivirus. The advisory has also asked the government organizations to review the system’s security and use multi-factor complex passwords in each system, mobile, financial and mailing account. The security board has also advised government officials against using personal accounts on official systems and to avoid sharing personal details and credentials with unauthorized users, websites, and applications.
About the Group that Targeted Public Institutions
The SideWinder group came to the limelight in 2018 and has been active since 2012. Between May and October, the group targeted NADRA, SNGPL, FIA, and other important public institutions to steal citizens’ sensitive information. The SideWinder hacking group operates in South Asia and continuously changes its tactics and procedures, making them invulnerable. “They employ custom implementations to attack existing vulnerabilities and then deploy a Powershell payload in the final stages to distribute the malware. Sidewinder was also detected employing credential phishing sites that were copied from their victims’ webmail login pages,” explains a cybersecurity company, Rewterz.
Also read: Indian Hackers Targeted Computers of Pakistani Politicians, Generals