Central Asia Page 1

The North Korean state-sponsored cybercriminal organisation, Lazarus Group, has exploited a critical vulnerability in an unnamed software to breach a South Korean financial business entity. Based on reports, the group has already executed two cybersecurity attacks on the same commodity in the past six months. The first attack occurred in May last year when the...Continue Reading

Threat researchers have discovered a previously unknown hacking group called Clasiopa, targeting materials research organisations across Asia. The findings on this new hacking group have yet to uncover its origins. However, during the in-depth analysis of the new hacking group, the researchers noticed some references pointing out that Clasiopa might be Indian-based. These clues include...Continue Reading

Our monitoring team in iZOOlogic have recently discovered a new threat published by the Medusa ransomware group on their leak website, involving a Singaporean manufacturing facility ‘Diethelm Keller Aviation.’ Medusa ransomware adds the manufacturing facility to its list of victims, with a countdown on the page indicating when the group would leak the company’s stolen...Continue Reading

Believed to be a Chinese-based nation-backed group, the cyberespionage actors under the group name ‘Billbug’ has been seen launching a targeted campaign against government agencies, certificate authorities, and defence organisations in many Asian countries. The researchers said that the most recent campaigns launched by the threat group were since at least last March, but records...Continue Reading

Japanese organisations, including media and government, have recently been targeted by a China-backed APT group known as Stone Panda that employed a new stealthy infection chain against its targets. Stone Panda, which also goes by APT10, Cicada, Potassium, and Bronze Riverside, is a China-backed state group that was first found active as far back as...Continue Reading

The Insurance Regulatory and Development Authority of India, or IRDAI, has allegedly suffered from a cyberattack from a still unknown threat group. These findings are from our dark web team in iZOOlogic’s discoveries during a routine investigation within the cybercrime landscape. Though the incident is still under investigation, it shows that numerous life and non-life...Continue Reading

The website of the National Electric Power Regulatory Authority (NEPRA) in Pakistan has recently been compromised by the SideWinder APT, delivering the new WarHawk backdoor malware. Based on a report, the new WarHawk malware contains different malicious modules for Cobalt Strike attacks, has new TTPs, and has applied the Pakistan Standard Time zone to ensure...Continue Reading

The Indian police have advised all Gurugram City residents about potential cybercriminal threats against them following the rollout of 5G SIM services in the city. This advisory came after several people have reported complaints about scammers stealing their money from their bank accounts after they clicked some links sent on their phones. According to the...Continue Reading

Our dark web researchers from iZOOlogic have recently discovered a new data breach post from a threat actor under the username “NetSecOfficial,” which involved stealing alleged data from Flipkart, an Indian-based e-commerce giant that Walmart also owns. Based on the post in a cybercriminal forum, the hacker claimed that they hold Flipkart’s data worth about...Continue Reading

Indian Android users are warned after reports revealed that the SOVA banking trojan had begun targeting the region, especially those using mobile banking apps. Written in Kotlin, this malware was first detected last September targeting East Europe. However, CERT-In announced that India was added to SOVA’s list of targeted countries in July 2022. As a...Continue Reading