×

UPSC Courses

IAS Foundation 2024

Optional Classes

Current Affairs

Test Series

Others Links

UPSC Prelims Classes 2024

Crash Course

Regular Modules 2024

Prelims

Mains Classes 2024

Mains & Interview

Mains Material

Test Series

Mains

Optional

Free Study Material

editorial plus

Editorial Plus

NetWire- Infiltrated Remote Access Trojan

  • 27 February, 2021

  • 8 Min Read

NetWire- Infiltrated Remote Access Trojan

Introduction

  • Activist Rona Wilson, who has been imprisoned since June 2018 in connection with the Bhima Koregaon violence case, filed a petition in the Bombay High Court seeking a stay on proceedings against him and others who are co-accused.
  • His petition referred to a report brought out by Arsenal Consulting, a digital forensics consulting company. The report states that for 22 months, Mr. Wilson’s computer was controlled by an attacker whose goal was to deliver incriminating documents onto his computer, which formed the basis of the case against him.

What was Arsenal Consulting’s analysis based on?

  • Arsenal Consulting says its analysis was based largely on a forensic image obtained from the hard drive within Mr. Wilson’s computer.
    • A forensic image is often described as a bit-by-bit copy of any electronic device that can store memory.
    • Such an image will include even deleted data or data that were inaccessible to the user.
    • It is considered an important part of digital evidence-gathering during investigations.

How was the computer infiltrated?

  • What is being conveyed by the report is that Mr. Wilson’s computer got infiltrated by a malware that enabled his system to be remote-controlled.
  • Over the course of 22 months, it says, the attacker not only created a hidden folder in his system, but also created incriminating documents inside that folder.
  • These, it says, were never opened but ended up being used in the case against him and others.
  • The report says his computer got compromised on June 13, 2016 after a series of “suspicious mails” from “someone using Varavara Rao’s email account”.
  • Mr. Rao is a co-accused in the case. This person is said to have made repeated attempts to get Mr. Wilson to open a document, which he finally did.
  • This was a bait, and it triggered the installation of the NetWire remote access trojan on his computer.
  • The bait was delivered via an RAR file, which usually contains one or many files in a compressed format.
  • The report says while “Mr. Wilson thought he was opening a link to Dropbox” in the email sent to him, he was actually opening a link to “a malicious command and control server”.

What is NetWire?

  • NetWire, which first surfaced in 2012, is a well-known malware.
  • It is also one of the most active ones around.
  • It is a remote access trojan, or RAT, which gives control of the infected system to an attacker.
  • Such malware can log keystrokes and compromise passwords.
  • Malware, according to cybersecurity experts, essentially do two things.
    • One is data exfiltration, which means stealing data. Most anti-virus software are equipped to prevent this.
    • The other involves infiltrating a system, and this has proven to be far more challenging for anti-virus software.
  • NetWire is described as an off-the-shelf malware, while something like Pegasus, which used a bug in WhatsApp to infiltrate users’ phones in 2019, is custom-made and sold to nations.

What is a command and control server?

  • The commands emerging from this server is what the infected system will carry out.

How did Arsenal Consulting figure out that the incriminating documents were never opened on Mr. Wilson’s computer?

  • Arsenal Consulting says it reviewed the NTFS file system, which can be found on any Windows system.
  • This is a system of storing and organising files. It keeps a log of the files — whether they are created, modified, or deleted.
  • Object identifiers are assigned to files when they are either created or first opened. Arsenal Consulting says none of the “top ten documents” have any such identifiers.

 

Source: TH

Previous
India-U.S. relationship- During the Biden's regime
Next
India-U.S. relationship- During the Biden's regime

Important Editorials

Union Budget 2024-25: Highlights –Interim Budget

Acculturation

I2U2 FOOD PARK

LABOUR CODE

Organisation Of Turkic State and India-Turkey Relation

Tribal Welfare

Central Bureau of Investigation (CBI): Deep Analysis

Indo Pacific Region: Detailed Overview

IMPORTANT CHINESE PRESIDENTS AND THEIR CONTRIBUTION

Creating safe digital spaces

India’s position in Afghanistan

MPLAD SCHEME

Will India be sanctioned for the S-400 purchase?

Retail Direct Scheme and The Integrated Ombudsman

Was it really a black hole that the EHT imaged in 2019

Top Editorials

Toppers

Search By Date

UPSC Courses

Saarthi Mentorship Programme

Our Popular Courses

Target 50 PT Cum Mains CSAT Foundation Basic To Advance Integrated Test Series 2024 GS Crash Course

Module wise Prelims Batches

Science And Tech Capsule Polity Crash Course History Carsh Course Ancient History Capsule Mapping & Geography Economy for UPSC Environment for UPSC RAW Live MCQ (Test Series) Newspaper Analysis Sanjeevani Batch for UPSC

Mains Batches

GS Mains Crash Course Paper Wise - GS Mains Crash Course Ethics for UPSC Mains 3 years Editorial & You Batch Essay Writing

Test Series

Writing Skill Development Programme Geography Optional Test Series Essay Writing crash course

Important Tags

Newsletter Subscription
SMS Alerts

Important Links

Economics basic to advance

Challenge UPSC 2024 - PT Tricks

 

ONGOING

  • Online
  • Recorded

Click here

Copyright 2023 CLT TECHNOLOGIES AND EDU-PUBLISHERS PRIVATE LIMITED. All rights reserved.

UPSC GS Mains Crash Course - RAW Prelims Answer Key 2024