FireEye has revealed a Chinese group is targeting India to steal information about ongoing border disputes and other diplomatic matters.
According to FireEye, advanced persistent threat (APT) group sent targeted phishing emails containing Microsoft Word attachments to its intended victim.
The Word documents contained a script called WATERMAIN, which creates backdoors on injected machines if opened.
In addition, some of these attacks were detected in April 2015, before PM Narendra Modi visited China.
The firm added WATERMAIN activity is targeting India since last four years with more than 100 victims.
The Chinese group has also targeted Tibetan activists and others in Southeast Asia with a focus on governmental, diplomatic, scientific and educational organizations.
This apart, in April, FireEye revealed the details of APT30, a decade-long cyber espionage campaign by suspected China-based threat actors that compromised an aerospace and defence company in India among others.
“Organizations should redouble their cyber security efforts and ensure they can prevent, detect and respond to attacks in order to protect themselves,” said Bryce Boland, FireEye chief technology officer for Asia Pacific.
In June, Visa and FireEye collaborated to help merchants and issuers protect against advanced cyber attacks targeting payment data by providing tools and services.
Shilpa Khatri
