Kaspersky states that India is among the most heavily targeted nations by Transparent Tribe (alongside Pakistan and Afghanistan). To carry out acts of cyber espionage, the group reportedly uses spear phishing – a tactic where emails are sent from typically known or trusted contacts, therefore maximising the changes of the recipient interacting with the email. These emails typically carry attachments such as a Microsoft Word or any other Office document, which in turn have embedded macro elements containing the group’s signature Crimson RAT. Once these documents are downloaded, the RAT then enables the attackers to take over file systems, and in turn gain access to sensitive information.
Explaining the sophistication of the snooping campaign from the secretive threat actor, Giampaola Dedola, cyber security expert at Kaspersky, says, “Transparent Tribe continues to run a high amount of activity against multiple targets. During the past 12 months, we have observed a very broad campaign against military and diplomatic targets, using a big infrastructure to support its operations and continuous improvements in its arsenal.” Dedola affirms that the group shows no signs of slowing down its intelligence snooping activities.
While the Indian cyber space has steadily attracted increasing attention from all quarters, activities like cyber espionage is expected to grow increasingly, partly due to increasing digitisation of critical documents and infrastructure. Transparent Tribe’s Crimson RAT is one such malware, and its persistent actions suggest that such threats will continue to remain in the future.
Array
(
[videos] => Array
(
)
[query] => https://pubstack.nw18.com/pubsync/v1/api/videos/recommended?source=n18english&channels=5d95e6c378c2f2492e2148a2,5d95e6c778c2f2492e214960&categories=5d95e6d7340a9e4981b2e10a&query=crimson+rat%2Ccyber+attacks+in+india%2Ccyber+attacks+on+indian+government%2Ccyber+crime%2Ccyber-espionage&publish_min=2020-08-25T18:06:46.000Z&publish_max=2020-08-28T18:06:46.000Z&sort_by=date-relevance&order_by=0&limit=2
)