BTC $64486.1556
ETH $3493.5274
BNB $586.7387
SOL $134.6672
stETH $3495.2913
XRP $0.4867
DOGE $0.1240
TON $7.2057
ADA $0.3760
wstETH $4088.5086
TRX $0.1188
WETH $3488.5671
WBTC $64295.8483
AVAX $25.3097
UNI $9.9993
DOT $5.6473
LINK $13.7522
BCH $386.2148
MATIC $0.5665
weETH $3632.7427
LTC $74.0929
DAI $1.0007
PEPE $0.0000
RNDR $7.4609
BSC-USD $1.0007
FET $1.5399
CAKE $2.2330
ICP $8.2147
ezETH $3513.4372
USDE $1.0010
KAS $0.1464
ETC $23.4356
NEAR $5.2921
IMX $1.5404
APT $6.8279
XMR $162.4862
HBAR $0.0781
MNT $0.8030
ENS $25.6418
FDUSD $1.0003
OKB $41.8833
ONDO $1.2088
FIL $4.4138
STX $1.6530
MKR $2475.1037
ATOM $6.7546
SUI $0.9046
BTC $64486.1556
ETH $3493.5274
BNB $586.7387
SOL $134.6672
stETH $3495.2913
XRP $0.4867
DOGE $0.1240
TON $7.2057
ADA $0.3760
wstETH $4088.5086
TRX $0.1188
WETH $3488.5671
WBTC $64295.8483
AVAX $25.3097
UNI $9.9993
DOT $5.6473
LINK $13.7522
BCH $386.2148
MATIC $0.5665
weETH $3632.7427
LTC $74.0929
DAI $1.0007
PEPE $0.0000
RNDR $7.4609
BSC-USD $1.0007
FET $1.5399
CAKE $2.2330
ICP $8.2147
ezETH $3513.4372
USDE $1.0010
KAS $0.1464
ETC $23.4356
NEAR $5.2921
IMX $1.5404
APT $6.8279
XMR $162.4862
HBAR $0.0781
MNT $0.8030
ENS $25.6418
FDUSD $1.0003
OKB $41.8833
ONDO $1.2088
FIL $4.4138
STX $1.6530
MKR $2475.1037
ATOM $6.7546
SUI $0.9046
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Indian defence and government agencies have been hacked by Sidecopy

    Attackers use the well-known flaw in WinRAR to do their damage.

    A new cyberattack was launched by the Indian hacker group Sidecopy, which has been active since 2019. This was reported by experts from the Chinese cybersecurity firm Hunting Shadow Lab. The Indian armed forces, government agencies, and defence establishments are usually the group's targets.

    A single control server linked two hacking chains in the new attack:

    1. using the CVE-2023-38831 flaw in WinRAR to get the AllaKore RAT malware on targets.
    2. attaching harmful files to phishing emails that have already been sent. When the harmful Windows shortcut with the LNK extension is opened, a PDF file that looks like a real document about the work of the Indian organisation AIANGO comes to the fore. The DRAT Trojan is downloaded and started at the same time in the background.

    According to an analysis of the bait files' contents, the attack was once again aimed at the Indian military and defence establishments. Professionals say that the use of the WinRAR flaw points to a new tool in the Sidecopy toolkit. Hacking groups are already actively using this flaw against people.

    After a careful look at the malware used in the attack, the following was found:

    1. This is a normal remote access Trojan called Allakore RAT. It gets into a system through a flaw in WinRAR and can download and upload files as well as gather different kinds of information about it. His connection to the attackers' C2 server was made at 38.242.149.89.
    2. The.NET platform is used to write DRAT, and it is shared through LNK files. It has many features that let it control the system that has been hacked. Its messages are kept secret and encrypted for safety.

    Both programmes used different ways to hide their command and control servers and hide their code. Along with sharing indicators of compromise (IoC), Hunting Shadow Lab has already built rules into its products for finding malware and attacker infrastructure.

    The Sidecopy cyberattack shows how important it is to protect against all threats. Technical experts in an organisation are in charge of making sure that old software is updated on time. For example, WinRAR should be updated to version 6.23. They should also make sure that security tools are set up correctly and that systems they are in charge of are regularly scanned for viruses. Users should be careful and not open files that look sketchy that come from unknown sources.

    Author reign3d
    A new cyber threat poses a data theft risk to Chinese government agencies
    The hacker group Cyber Av3ngers says they broke into garbage treatment plants in ten cities

    Comments 0

    Add comment