Cybernews reports that India was subjected to a China-linked cyberespionage campaign in early December that involved the spoofing of India's tax office.Malicious emails purporting to be from the Income Tax Department of India included a file that allowed the exploitation of a trusted Windows process for covert operations, as well as the deployment of an initial stage loader that conducted comprehensive anti-analysis checks, according to an analysis from eSentire's Threat Response Unit.Subsequent retrieval of the secondary payload is followed by privilege escalation and the distribution of a custom toolkit that fortifies persistence before the launch of the Chinese-developed SyncFuture TSM software, which has been adapted as a surveillance framework. Aside from the exploitation of SyncFuture software, attackers have also harnessed multiple code-signing certificates signed from 2019 to 2024."The campaign demonstrates characteristics consistent with advanced persistent threat (APT) operations focused on long-term espionage rather than financial gain," said the report.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



