Security firm Symantec has come out with a new report which brings to light the activities of a cyberespionage group called Suckfly which targets Indian organizations. The attackers first arrived on the international scene back in March 2016 when they conducted attacks against a South Korean company to steal their digital certificates.
Since then, Symantec has traced attacks on a number of high-profile targets, starting from April 2014, back to Suckfly. While the attacks spanned a number of different nations, the security company’s investigation claims that the primary targets of these assaults were governments and organizations based in India.
To make things worse, Indian firms showed a greater amount of post-infection activity via Suckfly’s custom Backdoor.Nidiran malware compared to businesses in other places. Symantec thinks this demonstrates that the attacks were part of a planned operation against particular targets in India.
Although the report did not name which organizations in India were affected by these attacks, Symantec mentions that they are well-known commercial businesses. The list includes a large e-commerce site, its shipping vendor, a top five IT firm, two government bodies, and a US-based healthcare provider’s Indian business unit.
Symantec asserts that Suckfly spent most of its energy hacking into the government’s network. One of the departments affected is in charge of implementing network software for a number of ministries and departments under the central government. The company believes this focus is mostly due to the department’s access to technology and data covering a wide range of Indian government organizations.
Symantec hasn’t been able to determine the motivation behind the attacks yet, but thinks it’s unlikely Suckfly devised these assaults on their own.