Delhi-based hackers targeting Chinese, Pakistan servers says China

Chinese cybersecurity company Antiny Labs has supposedly identified a group of hackers based in Delhi who have been launching repeated cyber-attacks against government agencies in China and Pakistan according to a report published by the company. The group, dubbed 'Baby Elephant' has been targeting Chinese servers since 2017, the report claimed.

The location of the hackers was revealed when one uploaded a set of files to test their ability to evade anti-virus softwares. The company's vice chief engineer, Li Bosong, told the Global Times that they first detected "Baby Elephant" activities in 2017, when a number of large-scale targeted cyberattacks on the government, military and defence departments of South Asian countries were found.

'Baby Elephant' has used a variety of methods to steal data, including phishing sites, malicious Android applications, and uploading Trojans written in languages such as Python to steal various documents, browser cache passwords and other host system environment information from computers, Antiny Labs claimed. In one case the group had even used a fake Indo-Nepalese polling app to gain access to user's phones and data. The group had also carried out attacks by using fake emails of the Nepalese government, Including the  office of the Ministry of Foreign Affairs, the Ministry of National Defence, and the Prime Minister's office.

Defence and military units as well as state-owned enterprises in China, Nepal and Pakistan have come under the scanner of advanced hacking groups such as this one in previous years, the Global Times reported. Li Bosong also pointed out that similarity in the hacker group's tactics had helped the company trace back attacks to 2019, where they spotted an overlap in Chinese, Nepalese and Pakistani targets. Multiple signs showed that the 'Baby Elephant" had already become one of the most active and mature cyberattack organisations that threaten the cybersecurity of South Asia and Asia-Pacific.

It is also likely to become the main attack group in South Asia in the future, Li said.

Tags: