ModifiedElephant

Make PDF

About ModifiedElephant-

• It is a hacking group that typically weaponises malicious Microsoft Office files to deliver malware to their targets. 
• Its operators have been infecting their targets using spear phishing emails with malicious file attachments over the last decade, with their techniques getting more sophisticated over time.
• Its purpose is to obtain remote access to and unrestricted control of victims’ devices. 
• The report also revealed that NetWire and DarkComet, two publicly-available remote access trojans (RATs), were the primary malware families deployed by ModifiedElephant. 
• It also sent android malware to its victims which is an unidentified commodity trojan delivered as an APK file. 
• The analysis revealed that the group operates in an overcrowded target space where multiple actors are targeting the same victims and that it may have relations with other regional threat actors. 
• As per report, Multiple individuals targeted by ModifiedElephant have also been targeted by Pegasus and other mobile surveillance spyware.
• ModifiedElephant’s phishing email payloads share infrastructure overlaps with Operation Hangover, an espionage network previously used in surveillance efforts against targets of interest to Indian national security.
• In India, it allegedly planted incriminating evidence on the personal devices of Indian journalists, human rights activists, human rights defenders, academics and lawyers including the activists arrested in the Bhima Koregaon ase of 2018.
• Devices can be protected from this malware with multi-factor authentication (MFA) to ensure that ones’ email IDs and other accounts aren’t compromised in the first place. 
• With MFA, one needs two pieces of information, like a password and a randomly generated token, in order to log in to a system or account.

Make PDF