Monday, May 5, 2025
HomeCyber Security NewsModifiedElephant APT Hacker Group Remain Secret For Years Using Advanced Sophisticated Techniques

ModifiedElephant APT Hacker Group Remain Secret For Years Using Advanced Sophisticated Techniques

Published on

SIEM as a Service

Follow Us on Google News

It’s been reported recently that the ModifiedElephant APT Hacker group remains secret for years using advanced sophisticated techniques. And the cybersecurity researchers of SentinelLabs have asserted these specified details regarding the advanced persistent threat (APT) actor group ModifiedElephant.

However, they have been implementing their techniques and conducting different attacks for a decade. The threat actors of this group used tactics that generally allowed it to operate in utmost secrecy.

And all this is being done by the threat actors outwardly connecting the dots of the cybersecurity companies during their attack.

- Advertisement - Google News

Targets & Objectives of ModifiedElephant 

The main objective of this threat group ModifiedElephant is very long-term surveillance. However, this implements a delivery of evidence that is a file that incriminates all the targeted crimes.

That’s why the analysts have done proper research and found that this threat group has targeted hundreds of groups and individuals. This includes:-

  • Journalists
  • Human rights defenders
  • Activists
  • Law professionals from India

Campaigns

As we said above that this threat group has been conducting several attacks over a decade, and for this reason only we have mentioned some of the campaigns that have been operated as well as conducted by the ModifiedElephant:-

  • In the year 2013, with the motive to drop malware, the threat actors of this group have used emails attachment along with the fake double extensions.
  • In the year 2015, the threat actors of this group moved to password-protected RAR attachments that initially contained legitimate lure documents.
  • In the year 2019, the operators of this group started hosting malware-dropping sites, and not only this, but they also abused the cloud hosting service. 
  • In the year 2020, the operators have used 300 Mb files of RAR with the motive of evading detection just by skipping scans.

Attacker’s toolkit

After having a proper investigation, the experts have claimed that they had not found any link that would say that the operators had been using any backdoor.

Due to this, we can say that the threat actors have not used any custom backdoors in any of their operations. And the malware that has been found in the campaigns are:- 

  • NetWire
  • DarkComet

However, these Trojans are publicly available and are being used by several threat actors.

Attribution

While the ModifiedElephant hacker group has been on the radar for a very long time, the security analysts are trying to find all the key links, and therefore they took it as a challenge.

Till now, ModifiedElephant has aligned itself with the Indian State interests, and not only this but it has been noted that there is a correlation between ModifiedElephant attacks and the arrest of individuals in different politically charged cases.

This kind of threat attack is very unsudden, and one must stay alert so that this kind of threat group cannot implement their planned operation.

Moreover, the experts have detected all the possible key links, and they are still searching, as there are still many questions regarding these threat actors and their operations.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...

RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals

The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...