Indian Government, Oil Companies Breached by HackBrowserData

  /     /     /  
Publicated : 23/11/2024   Category : security

Indian Government, Oil Companies Breached by HackBrowserData


The malicious actor used Slack channels as an exfiltration point to upload the stolen data.


Indias government agencies and energy companies are facing a new threat in the form of an
espionage campaign
using an open source information stealer.
HackBrowersData, a modified
information stealer,
can collect user login credentials, cookies, and browser history, according to researchers at EclecticIQ, a Dutch cybersecurity firm. The researchers discovered the information stealer through a phishing email disguised as an invitation from the Indian Air Force. 
According to the researchers, the threat actor used Slack channels to upload the stolen internal documents, emails, and browser data after the information stealer was executed. Each of the Slack channels the threat actor used was named FlightNight, leading the researchers to dub the intrusion Operation FlightNight.
Indian government entities responsible for IT governance, national defense, and electronic communications have been targeted. The bad actors also went after financial documents, personal identifiable information (PII), and oil and gas drilling data of the energy companies.
In total, the actor exfiltrated 8.81 GB of data, leading analysts to assess with medium confidence that the data could aid further intrusions into the Indian governments infrastructure, the researchers wrote in a
blog post
.
EclecticIQ has since shared its research with Indian authorities to help support victims of these attacks.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Indian Government, Oil Companies Breached by HackBrowserData