Mustang Panda Exploits Zoho WorkDrive in Attacks on Indian Government

Mustang Panda, a China-aligned cyber espionage group, is conducting dual attack campaigns targeting Indian government and energy sectors. They are utilizing Zoho WorkDrive as a command center, employing newly developed malware tools to exfiltrate sensitive data while camouflaging malicious traffic as legitimate cloud activity. The scope of the attacks is significant, affecting critical infrastructure and government operations. The group has been linked to previous cyber espionage activities, indicating a sustained effort to gather intelligence on Indian operations. Current status shows ongoing investigations and heightened security measures in response to these attacks.

Key Points: • Mustang Panda targets Indian government and energy sectors using Zoho WorkDrive. • Newly developed malware tools are employed to blend malicious traffic with normal cloud activity. • The attacks represent a significant threat to critical infrastructure and national security.