Global cyberattacks facilitated by Indian hack-for-hire company

Organizations in the U.S., Canada, China, India, Myanmar, Pakistan, the United Arab Emirates, and other parts of the world have been subjected to cyberattacks enabled by Indian hack-for-hire firm Appin Software Security since 2009, according to SecurityWeek. Aside from targeting Chinese government officials and military liaison officers, Appin also deployed keylogger attacks against Pakistani government officials, as well as targeted Norwegian telecommunications firm Telenor and an activist in Angola, a report from SentinelOne revealed. Appin's operations involve the utilization of a third-party contractor for purchasing infrastructure, including servers which the company would then leverage for data theft, malware distribution, command-and-control, phishing, and other malicious activity without being detected. Numerous private spyware and employee-developed intrusion tools have also been used by Appin, which leveraged the freelancing platform Upwork to facilitate malware acquisition. "The research findings underscore the group's remarkable tenacity and a proven track record of successfully executing attacks on behalf of a diverse clientele," said SentinelOne.