Domains registered by Pak Malicious Actors – CGDA issued list of malicious websites registered under “.in” domain
“हर काम देश के नाम”
रक्षा लेखा महानियत्रक
उलान बटाररोड, पालम, दिल्ली छावनी-110010
Controller General of Defence Accounts
Ulan Batar Road, Palam, Delhi Cantt.- 110010
No. Mech/IT&S/810/Cyber Security/Misc
All PCsDA/CsDA/PrIFA/IFA/PC A(Fys)
(through DAD WAN/email)
Sub: Domains registered by Pak Malicious Actors.
It has been observed that few websites have been registered under “.in” domain which are originally hosted by Pak based malicious actors. These websites are hosted to trap Indian Defence Personnel. The list of websites identified till date are as under :
|S. No.||Malicious Domain|
2. Further research at national levels is in progress to identify more such domains. These domains can be used to launch spear phishing attacks against Armed forces.
3. In view of the above, the following actions are’to be taken immediately to contain spread of these campaigns:
» Block the malicious URLs mentioned at para 2 above at perimeter security devices of AFTI/JSOs.
» Sensitise all personnel under respective AOR regarding these phishing campaigns originating from these phishing domains and download applications only from trusted websites.
» Sensitise persons to not enter their NIC login credentials when redirected login page appears.
» Forward any: suspicious emails DCyA email ID ([email protected]) without clicking on any link/opening any attachments/enter credentials for analysis and further guidelines.
» Post forwarding to DCyA, delete phishing emails from the inbox and
trash folders of all the recipients.
4. In view of the above, all the:Controllers are advised to ensure compliance of the guidelines given above and disseminate these guidelines to all their sections and sub offices for strict compliance.
Sr. ACGDA (IT&S)