A threat actor group named “Staff Mysterious Bangladesh” has claimed to have compromised the Indian Central Board of Higher Education (CBHE) systems.
According to a new advisory by cybersecurity experts at CloudSEK, the hackers would have stolen personally identifiable information (PII), including names, Aadhaar numbers, Indian Financial System Codes (IFSC codes) and other details of numerous individuals.
“CloudSEK’s contextual AI digital risk platform XVigil discovered a threat actor group named Staff Mysterious Bangladesh who claimed to have compromised the CBHE Delhi, India,” the company wrote.
“The group mentioned leaking information about students from 2004 to 2022. The actor shared a snapshot of the data for a student.”
Access to the admin panel of the CBHE Delhi platform would enable any individual to see the results of all students from 2004 to 2022 and even delete or add records, CloudSEK explained.
“Hence, the actors gained unauthorized access to the admin panel, enabling them to compromise the data for CBHE Delhi India,” the company said. “Moreover, a directory of the domain was compromised by the hacktivist as they defaced it with their names.”
More generally, CloudSEK said the leaked information could be used to gain initial access to the agency’s infrastructure, and commonly used or weak passwords could lead to brute-force attacks. The data could also provide malicious actors with details required to perform sophisticated ransomware attacks, exfiltrate data and maintain persistence.
CloudSEK added that Staff Mysterious Bangladesh is known for using multiple scripts for distributed denial-of-service (DDoS) attacks and an HTTP flooding attack technique similar to DragonForce. Beyond the CBHE attack, the threat actor would also conduct hacktivism-focused campaigns in Iran.
To defend against threats like this, the company has advised companies to patch vulnerable and exploitable endpoints and not store unencrypted secrets in .git repositories.
System admins should also monitor for anomalies in user accounts, possibly indicative of account takeovers, as well as cybercrime forums for potential tactics employed by threat actors.
The latest CloudSEK advisory comes roughly two months after Leakbase said someone allegedly hacked the Swachhata Platform in India and stole 16 million user records.