Government ministries and divisions have been advised by the Cabinet Division to take safety precautions. The departments should ensure that sensitive information does not leak at any cost.
The warning was issued after a malicious email with the subject “Indian Army kidnaps Pakistan Army officer Lt Col (retired) M Habib from Nepal of spy swap” was sent to officers and staff of various government departments from a spoofed email address.
Malware Inside The Email
An advisory issued by the National Telecom and Information Technology Security Board said:
“The email contains an ‘Inpage exploit’. Downloading and opening the Inpage file executes a malware in [the] background that result[s] in hacking of the computer.”
The advisory added that the attachment was named “Kulbhusan Yadav Vs MdHabib SpySwap.inp” and came from an email ID called “Editor.farida&down.com”. The malware can corrupt all versions of Inpage Urdu till 2012.
The advisory explained the potential threat from the email by stating that it:
“Reads user’s computer information like operating system details, directory files list, network, IP, route and interfaces details, Windows services information from the victim’s computer.”
Moreover, the malware can steal the victim’s stored user ids and passwords and take control of their computer. This is quite similar to ransomware.
It can read information from the user’s open windows, act as a keylogger to extract information such as passwords, and act as a file stealer. Once the malware gets inside your computer, it can automatically execute itself on start-up.
Call for Action
The advisory recommends installing strong anti-virus software such as Kaspersky, Avira and Avast.
The government’s ministries and divisions are also advised to avoid using Inpage and to use Microsoft Word with Urdu language and Urdu word processor 1.1 instead.
They have been warned not to open an email unless they are sure of its content and of the sender. They have also been instructed to reinstall Windows and disconnect their computer from the internet if they notice signs of a malware attack.
Via The Nation