Connect with us

National

US company’s tech abused by Indian govt to spy on Pak, China: Report

Published

on

New Delhi, Sep 18: A US companys tech was abused by the Indian government amid warnings that Americans are contributing to a spyware industry already under fire for being out of control, Forbes reported.

Earlier this year, researchers at the Russian cybersecurity firm Kaspersky had witnessed a cyberespionage campaign targeting Microsoft Windows PCs at government and telecom entities in China and Pakistan. They began in June 2020 and continued through till April 2021. What piqued the researchers’ interest was the hacking software used by the digital spies, whom Kaspersky had dubbed as ‘Bitter APT’, a pseudonym for an unspecified government agency. Aspects of the code looked like some of the Moscow antivirus providers had previously seen and attributed to a company it gave the cryptonym ‘Moses’, the report said.

Sometimes, American companies aren’t the victims, but the ones fuelling costly digital espionage. Moses’ real identity, Forbes has learnt, is a company based in Austin, Texas, called Exodus Intelligence, according to two sources with knowledge of the Kaspersky research. And Bitter APT, the Moses customer, is India, added one source.

Little known outside the cybersecurity and intelligence worlds, over the last ten years, Exodus has made a name for itself with a Time magazine cover story.

Exodus, when asked by Five Eyes countries (an alliance of intelligence-sharing countries that includes the US, the UK, Canada, Australia and New Zealand) or their allies, will provide both information on a zero-day vulnerability and the software required to exploit it.

But its main product is akin to a Facebook news feed of software vulnerabilities, sans exploits, for up to $250,000 a year. It’s marketed primarily as a tool for defenders, but customers can do what they want with the information on those Exodus zero days, ones that typically cover the most popular operating systems, from Windows to Google’s Android and Apple’s iOS.

That feed is what India bought and likely weaponised, said Exodus CEO and co-founder Logan Brown. He told Forbes that after an investigation, he believes that India handpicked one of the Windows vulnerabilities from the feed-allowing deep access to Microsoft’s operating system, and Indian government personnel or a contractor adapted it for malicious means.

India was subsequently cut off from buying new zero-day research from his company in April, said Brown, and it has worked with Microsoft to patch the vulnerabilities. The Indian use of his company’s research was beyond the pale, though Exodus doesn’t limit what customers do with its findings, Brown said, adding, “You can use it offensively if you want, but not if you’re going to be shotgun blasting Pakistan and China. I don’t want any part of that, (The Indian embassy in London hadn’t responded to requests for comment),” Forbes reported.

The company also looked at a second vulnerability Kaspersky had attributed to Moses, another flaw that allowed a hacker to get higher privileges on a Windows computer. It was not linked to any particular espionage campaign, but Brown confirmed that it was one of his company’s, adding that it would “make sense” that India or one of its contractors had weaponised that vulnerability too, the report said.

Brown is also exploring whether its code has been leaked or abused by others. Beyond the two zero days already abused, according to Kaspersky, “at least six vulnerabilities” made by Moses have made it out “into the wild” in the last two years.

Also according to Kaspersky, another hacking crew known as DarkHotel – believed by some cybersecurity researchers to be sponsored by South Korea – has used Moses’ zero days.

South Korea is not a customer of Exodus. “We are pretty sure India leaked some of our research. We cut them off and haven’t heard anything since then, so the assumption is that we were correct,” Brown said.

Knowing that its zero days can be used offensively, Brown’s company could have chosen not to sell to India, a country that’s been accused of abuse of spyware in recent revelations about global use of tools made by Israel’s $1 billion-valued NSO Group, the report said.

Continue Reading

National

Maharashtra government tells HC, Param Bir Singh non-traceable

Published

on

jijjjjjj ajsndoasdas

Continue Reading

National

Testyoungmoney buddy god days

Published

on

hdbsjadnasdasje eic aopnrof fjsdams;laksd

Continue Reading

National

Call me “Dada”, not “Sir”, Tripura CM Biplab Kumar Deb to employees

Published

on

Agartala: In what appears to be a step to boost the morale of the government employees, Chief Minister Biplab Kumar Deb on Sunday asked the government employees to call him “Dada” instead of “Sir”. “Call me Dada, not sir. It enhances the warmth of the relationship”, Deb told a gathering of government employees.

Deb exhorted the government employees of the state especially ASHA and Anganwadi workers of the state asking them not to dishearten as the state government was eager to improve their pay structure.

“I salute the ASHA and Anganwadi workers of my state. The level of dedication that my sisters have shown during the pandemic period deserved applause. I know, they want to hear good news from me and I am assuring you all that this government will not disappoint anyone”, Chief Minister Biplab Kumar Deb told a gathering of government employees at Badharghat sports school field organized by Vivekananda Vicha Manch (VVM).

VVM has emerged as a big platform of government employees, of late, and Sunday’s public rally was its first big gathering to thank the Chief Minister for the series of steps his government took for the welfare of the employees.

“I know what challenges you people are facing. Nothing is hidden in front of me. I am assuring you all everything will be taken care of in the due course of time”, he added.  Lauding the efforts of government employees Deb said, without them no government office can function.

“Due to the efforts of government employees, people can access the benefits of the state sponsored welfare schemes. But, for a prolonged period the employees did not get their right to do something freely. They were trapped in the clutches of unions. In the previous regime, Left sponsored unions used to enjoy supreme power which had reduced the whole work culture of the state to tatters. In 2018, you people showed courage and voted BJP to power”, said Deb.

“Despite fund constraints, the state government is positively working on the issues of DA and other factors pertaining to the interest of the government employees. Our government has already addressed a number of issues related to financial benefits. The ad-hoc promotion, increment for Group D, Group C employees, regularization of SSA teachers, seventh pay scale, UGC scale for professors, special benefit for LTC are to name a few. All these indicate what we want to do and we shall do what we promise”, the Chief Minister said.

The Chief Minister also asked the officials not to call him “sir” suggesting them to refer to him as “Dada” as it makes the relationship stronger and cherished. The Chief Minister also distributed clothes among children of Badharghat sports school during the programme. State BJP President Manik Saha, Minister Ram Prasad Paul, Minister Sushanta Chowdhury, MLA Mimi Majumder, state BJP Vice President and president of Vivekananda Vichar Manch Rajib Bhattacharjee also spoke on the occasion.

Continue Reading

Trending