Context: Raccoon Stealer, an information-stealing malware, was used to target eight Central government entities, including Central Paramilitary Forces and the Income Tax Department.
- National Technical Research Organisation (NTRO) has been tracking and reporting the activities of Raccoon Stealer malware, which is available as Malware-as-a-service (MaaS).
- It is an information stealer malware which is usually delivered through email that retrieves sensitive data from infected machines.
- Malware as a Service (MaaS) is a type of cybercrime model where malware is offered for sale or rent by cyber criminals as a service.
- Malware is malicious software specifically designed to exploit vulnerabilities in computer systems or networks.
- These services typically are available on the dark web. They are purchased to carry out various malicious activities, such as stealing sensitive information, disrupting computer systems, or encrypting data and demanding a ransom to unlock it.
- In this model, individuals or groups with little or no technical expertise can gain access to sophisticated and powerful malware tools and services, enabling them to launch cyber attacks without needing to develop or maintain their own malware. Thus, making it easier for cybercriminals to launch attacks and evade detection.
- MaaS operates similarly to legitimate Software as a Service (SaaS) models, where software is provided on a subscription or pay-per-use basis.
Some of the most common types of malware include
- Viruses: Programs that can replicate themselves and spread to other computers which can cause various problems, such as disrupting computer operations, stealing information, or damaging files.
- Trojan horses: These programs masquerade themselves as legitimate software but can carry out malicious activities, such as stealing data or giving attackers unauthorized access to a computer.
- Worms: A self-replicating program that can spread across networks, disrupting computer operations and consuming network resources.
- Adware: Software that displays unwanted advertisements on a computer. It can be intrusive and sometimes can track a user’s online activities.
- Ransomware: Encryption of a victim’s data with the demand for a ransom payment to unlock it. It can result in losing important data and files.
- Spyware: Software designed to collect information about a user’s online activities without their knowledge or consent to steal sensitive information (like financial statements and passwords).
- Bots: A bot, short for “robot”, is a type of software application or script that performs automated tasks on command like malicious activities.
National Technical Research Organisation
- National Technical Research Organisation (NTRO) is a highly specialised technical intelligence gathering agency under the National Security Advisor.
- The agency specializes in multiple disciplines, which include remote sensing, Signals Intelligence, data gathering and processing, cyber security, geospatial information gathering, cryptology, strategic hardware and software development and strategic monitoring.