Cyberespionage campaign hits India

India had several of its government agencies and energy industry organizations subjected to cyberespionage attacks delivering the HackBrowserData information-stealing malware as part of the new Operation FlightNight campaign identified earlier this month, according to The Record, a news site by cybersecurity firm Recorded Future.

Nearly 9 GB of data, including internal files, cached web browser data, and private email conversations, have been exfiltrated in the cyberespionage campaign, which involved the delivery of an Indian Air Force-spoofing PDF document containing a shortcut deploying the HackBrowserData payload, a report from EcleticIQ revealed.

Despite not being linked to a specific hacking group, such an attack campaign was noted to be associated with a January GoStealer malware attack targeted at Indian Air Force officials that also sought to compromise browser data, suggesting a similar threat actor.

"Operation FlightNight and the GoStealer campaign highlight a simple yet effective approach by threat actors to use open-source tools for cyber espionage," said researchers.