{ "id": "29b1e35e-45b4-4280-881e-c6fbf3dd12d9", "created_at": "2026-04-06T00:21:19.192252Z", "updated_at": "2026-04-10T03:23:52.196278Z", "deleted_at": null, "sha1_hash": "d58f8f343a35179d5986f75695b35360ba91b2ef", "title": "Beware, Bioazih virus on prowl in Indian cyberspace: Cert-In", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 51822, "plain_text": "Beware, Bioazih virus on prowl in Indian cyberspace: Cert-In\r\nBy PTI\r\nPublished: 2015-05-14 ยท Archived: 2026-04-05 13:15:38 UTC\r\nNEW DELHI: The Indian cyberspace has been hit by the malicious activity of a potentially threatening virus\r\nwhich can execute phishing attacks to negatively alter users' personal data, country's lead cybersecurity agency\r\nhas said.\r\nThe anti-cyberattacks agency\r\nComputer Emergency Response Team\r\nof India (\r\nCert-In\r\n), has detected that the virus identified as 'Bioazih' which can acquire as many as five aliases to hide its evil\r\ndesigns and \"can execute commands remotely, upload data, download and execute files\" in an unauthorized\r\nmanner.\r\n\"It has been reported that a new malware having backdoor functionalities dubbed as 'Bioazih' is spreading.\r\n\"The malware propagates by means of spear phishing emails containing attached malicious document exploiting\r\nMicrosoft Office\r\nvulnerability or the Remote Access\r\nTrojan\r\n(RAT) may infect the targeted users system by means of malware dropper also,\" Cert-In said in its latest advisory\r\nto internet users.\r\nThe Cert-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian\r\nInternet domain.\r\nhttps://timesofindia.indiatimes.com/tech-news/Beware-Bioazih-virus-on-prowl-in-Indian-cyberspace-Cert-In/articleshow/47281885.cms\r\nPage 1 of 2\n\nThe virus' threat is critical as it belongs to the deadly 'Trojan' family and a 'spear phishing' attack is a clever\r\nactivity done by an infectious malware to hit a healthy system stealthily.\r\nThe agency said the malware makes use of different techniques to maintain anonymity of its command and control\r\nservers or it sets up virtual private networks to host their servers in order to hide their actual locations.\r\nFollow TOI Tech on Twitter \u003e\u003e\u003e @toi_tech\r\nAnd like us on Facebook \u003e\u003e\u003e TOI_tech\r\nSource: https://timesofindia.indiatimes.com/tech-news/Beware-Bioazih-virus-on-prowl-in-Indian-cyberspace-Cert-In/articleshow/47281885.c\r\nms\r\nhttps://timesofindia.indiatimes.com/tech-news/Beware-Bioazih-virus-on-prowl-in-Indian-cyberspace-Cert-In/articleshow/47281885.cms\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "references": [ "https://timesofindia.indiatimes.com/tech-news/Beware-Bioazih-virus-on-prowl-in-Indian-cyberspace-Cert-In/articleshow/47281885.cms" ], "report_names": [ "47281885.cms" ], "threat_actors": [ { "id": "d90307b6-14a9-4d0b-9156-89e453d6eb13", "created_at": "2022-10-25T16:07:23.773944Z", "updated_at": "2026-04-10T02:00:04.746188Z", "deleted_at": null, "main_name": "Lead", "aliases": [ "Casper", "TG-3279" ], "source_name": "ETDA:Lead", "tools": [ "Agentemis", "BleDoor", "Cobalt Strike", "CobaltStrike", "RbDoor", "RibDoor", "Winnti", "cobeacon" ], "source_id": "ETDA", "reports": null } ], "ts_created_at": 1775434879, "ts_updated_at": 1775791432, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/d58f8f343a35179d5986f75695b35360ba91b2ef.pdf", "text": "https://archive.orkl.eu/d58f8f343a35179d5986f75695b35360ba91b2ef.txt", "img": "https://archive.orkl.eu/d58f8f343a35179d5986f75695b35360ba91b2ef.jpg" } }