CERT-In Current Affairs - 2020

Large Scale Phishing Attack using COVID-19 as Bait alerts CERT-In

To steal personal data (such as bank account details- debit/ credit card information) of Individuals and Businesses across the country, from 21st June 2020, a large scale phishing attack has been planned by malicious actors. This information asking the citizens to be cautious was issued by the nodal agency responsible to deal with cyber-attack threats in the country- The Indian Computer Emergency Response Team (CERT-In).

How you could be targeted?

Indian Citizens will be targeted through malicious ‘Emails’. These emails are likely to use COVID-19 as bait by using details of local government authorities (details such as logo, name, etc of government officers or departments those who are in-charge for various COVID-19 initiatives of the government) for making it look authentic.

The email will contain an external link that will drive the recipients of the email to some fake websites designed in such a way that the website may install a malicious file without the consent of the recipient of the email or may ask for entering personal or financial details on the pretext of raising fund for some government initiative.

As per the alert issued by CERT-IN: The Emails that will be sent might have a subject –‘Free COVID-19 testing for all residents’. The attackers could use various fake Email Accounts such as ‘ncov2019@gov.in’.

Shopper Malware: 14% Indians affected

A new Trojan called Shopper malware is increasing its presence among smart phone users. The malware is screening unsolicited ads and flashing fake reviews.

Highlights

The malware is now focusing on retail applications. The malware is capable of reading data being entered on the screen. As the trojan gains permission, it interacts with the system interfaces and captures every data being featured in the screen. After acquiring information, it is using google and Facebook data to register on popular shopping sites.

Earlier Malware encounters

Prior to Shopper Malware, the largest such infection was created by “Trojan-Dropper”.  This was between October 2019 to November 2019. It affected 14.23% of Indians. Russia was the most affected. Around 28.46% of Russians were infected due to the malware.

With these increasing cyber-crimes, Indian Government has set up Cyber Swachhta Kendra to detect such malware infections and clean them at the earliest.

Cyber Swachhta Kendra

The CSK are Botnet cleaning and Malware analysis centres. They operate under Indian Computer Emergency Response Team (CERT-In) under Ministry of Electronics and information Technology. They were established in accordance with National Cyber Security Policy. The Centre provides malware removal tools to fix them permanently. It is important to develop more such centres as India ranks third in list of countries with highest number of cyber threats.