Indian businesses targeted in ‘Bioazih’ Trojan attacks
Thu 14 May 2015
A new malware has been discovered in India which put users at risk from a phishing virus that was capable of negatively altering personal data, according to the country’s leading cyber security experts.
A report released by the Computer Emergency Response Team of India (CERT-In) revealed that the virus, named Bioazih, could disguise itself behind up to five aliases to cover its malicious intent and could “execute commands remotely, upload data, download and execute files” without authorisation.
The group has warned of the potential danger of Bioazih which uses a Trojan technique to provide a backdoor for hackers to remotely access a computer system to manipulate or steal data.
“It has been reported that a new malware having backdoor functionalities dubbed as ‘Bioazih’ is spreading […] The malware propagates by means of spear phishing emails containing attached malicious document exploiting Microsoft Office vulnerability or the Remote Access Trojan (RAT) may infect the targeted users system by means of malware dropper also…” the cyberattack security agency explained.
CERT-In added that the malware makes use of several anonymity techniques to remain unidentifiable, including employing virtual private networks to host its servers and mask its origins.
“Once connection is established, the malware then is capable of communicating with command and control server to execute remote commands, upload and download data, create and delete files, manipulate files and folders, terminate itself among others,” the agency added.
“The users should look for identifications like the name Bioazih and its aliases in suspect emails and links and should refrain from clicking on them […] Also, security firewalls on personal systems, emails and other online platforms should be strong to avoid getting attacked by it,” advised one cybersecurity expert.
The CERT-In team is a government agency charged with tackling phishing attacks, hacking and building security defences in the Indian cyberspace.
