Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa.
Indian Government, Oil Companies Breached by 'HackBrowserData'
The malicious actor used Slack channels as an exfiltration point to upload the stolen data.
India's government agencies and energy companies are facing a new threat in the form of an espionage campaign using an open source information stealer.
"HackBrowersData," a modified information stealer, can collect user login credentials, cookies, and browser history, according to researchers at EclecticIQ, a Dutch cybersecurity firm. The researchers discovered the information stealer through a phishing email disguised as an invitation from the Indian Air Force.
According to the researchers, the threat actor used Slack channels to upload the stolen internal documents, emails, and browser data after the information stealer was executed. Each of the Slack channels the threat actor used was named "FlightNight," leading the researchers to dub the intrusion "Operation FlightNight."
Indian government entities responsible for IT governance, national defense, and electronic communications have been targeted. The bad actors also went after financial documents, personal identifiable information (PII), and oil and gas drilling data of the energy companies.
"In total, the actor exfiltrated 8.81 GB of data, leading analysts to assess with medium confidence that the data could aid further intrusions into the Indian government's infrastructure," the researchers wrote in a blog post.
EclecticIQ has since shared its research with Indian authorities to help support victims of these attacks.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024