Research Outfits and Indian Defence Organizations Are Targeted by Cyber Intruders Using “Mythic Framework”: Government of India
Synopsis:
The Mythic framework offers a structured environment and a collection of tools for developing, deploying, and managing a Command and Control system that regulates a network of hacked computers.
Indian defense and research organizations are being targeted by cyber assailants using a potent tool that was intended to help cybersecurity professionals thwart potential threats, according to a warning issued by the Controller General of Defence Accounts (CGDA).
The advisory stated that threat actors were utilizing the Mythic C2 Framework, a tool specifically developed for cybersecurity professionals to detect weaknesses in networks.
“C2” denotes “Command and Control.” When a computer system is compromised (hacked), the adversary must have a means of communicating with the compromised system. Typically, this communication takes the form of commands sent by the attacker to control the compromised system.
This framework is utilized by cybersecurity experts to establish and manage a network of compromised computers.
Such use is typically part of evaluating and improving the security of computer systems.
The CGDA is entrusted with the audit, financial advisory, payment, and accounting responsibilities pertaining to all charges associated with the Armed Forces.
“It has been observed that the Mythic framework is being used to target diplomatic, defense, research organizations in Indian government and Indian Armed Forces or related assets in India by unknown actors,” according to the CGDA advisory.
Threat actors are constructing bogus domains that imitate Indian military and defense operations, according to the advisory. They then deliver malicious software embedded in PDF files via fraudulent emails.
When a victim opens one of these PDFs, the embedded malware checks whether it can reach the C2 server. If a connection is established, customized malicious files are downloaded from the C2 server; these files then fetch and deploy a malicious payload on the victim’s computer.
About The Author:
Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he has also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. He also frequently writes for Craw Security.