CURRENT ACTIVITIES

Surge in crypto mining activities through MikroTik Router
(October 09, 2018)
There are reports of large-scale crypto mining carried out through thousands of compromised routers that inject a crypto miner into all websites visited by their owners. Through crypto mining, attackers use the user's system resources (power, computation capacity) to mine cryptocurrency without the user's permission.
Safeguarding from SMShing income tax refund attacks
(August 07, 2018)
There have been increased reports of incidents related to fake SMS messages purportedly from the Income Tax department as the filing of Income Tax Returns nears. This SMShing campaign uses popular URL shortening services such as bit.ly, goo.gl, ow.ly and t.co.
New "PyRoMineIoT" Miner and IoT Device Scanner Malware
(June 25, 2018)
It has been reported that a crypto-currency miner dubbed "PyRoMineIoT" has been spreading widely across different countries.
Prowli Malware Targeting Servers, Routers and IoT Devices
(June 12, 2018)
A traffic manipulation and cryptocurrency mining campaign affecting servers, modems and internet-connected devices across the world has been reported.
Fake Fortnite Apps
(June 06, 2018)
Several malicious applications that masquerade as the popular game Fortnite for Android have been reported.
Cryptocurrency-Mining Malware Targeting IoT devices
(May 31, 2018)
Cybercriminals have been actively using cryptocurrency-mining malware to exploit consumer hardware graphics processing units (GPUs) and take advantage of the processing power of devices.
Increased HIDDEN COBRA activity
(May 30, 2018)
US-CERT has shared reports about the ongoing malware activity of the alleged North Korea-based threat group called HIDDEN COBRA/Lazarus.
New VPNFilter Malware targeting networking devices
(May 30, 2018)
Widespread use of a sophisticated multi-stage modular malware system dubbed "VPNFilter" has been reported, with versatile capabilities to support both intelligence-collection and destructive cyber attack operations.
Roaming Mantis/XLoader/MoqHao
(May 28, 2018)
A resurgence of the Roaming Mantis malware campaign has been reported. The campaign has updated its attack vectors and targets a wider community by adding support for 27 other global languages, including European and Middle Eastern ones, in a bid to broaden its geographic range.
Pre-Installed Malware on popular Android Based devices
(March 19, 2018)
It has been reported that malicious apps are being installed through a supply-chain attack on major Android-based mobile devices. These devices reportedly come pre-installed with malware (adware/backdoor). Dubbed RottenSys, the malware disguises itself as "System-Wifi-Service" and has reportedly spread to around 5 million devices for fraudulent ad services and other potentially malicious activities.
Surge in unauthorized crypto mining activities
(March 12, 2018)
Large-scale distribution of crypto mining malware has been reported, leveraging Apache Solr, Oracle WebLogic, Redis and Windows Servers and trying to exploit the vulnerabilities CVE-2017-9805, CVE-2017-12629 and a vulnerable SMB version.
Memcached Reflection/Amplification DDoS Attacks
(March 01, 2018)
An increase in access to port 11211/udp, targeting memcached servers, has been observed. Memcached is a memory caching system used to speed up dynamic database-driven websites by caching data in RAM, which can improve the loading time by reducing the number of times an external data source must be read.
Surge in Drive-by-cryptomining on Android Platforms
(February 15, 2018)
A surge in drive-by cryptomining activity targeting Android platforms has been reported.
Increase in JavaScript-based in-Browser cryptocurrency mining
(February 09, 2018)
A surge in unauthorised cryptocurrency miners on websites has been observed. This cryptojacking, or "Drive-By Cryptocurrency attack", hijacks the computer resources of site visitors and turns those resources into cryptocurrency miners without the user's knowledge or consent. A JavaScript cryptocurrency mining solution such as "Coinhive" offered a miner service for the Monero blockchain (XMR) directly within a web browser using a simple JavaScript library. A sample Coinhive script Mining Code
BAD RABBIT RANSOMWARE
(October 25, 2017)
A large-scale ransomware campaign dubbed "Bad Rabbit" is reported to be spreading. Initial information indicates that genuine sites were compromised (watering hole style attack) and directed victims to a fake Flash update that downloaded the malicious Bad Rabbit executable.
Indian Computer Emergency Response Team - CERT-In, Ministry of Electronics and Information Technology, Government of India.
Last Updated On December 11, 2018