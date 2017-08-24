ISLAMABAD - The Cabinet Division has directed all the government ministries and divisions to take necessary measures to safeguard against leak of sensitive information, as a malicious email could result in hacking of computers.

The directives have been issued after a malicious email with the subject “Indian Army kidnaps Pakistan Army officer Lt Col (retired) M Habib from Nepal of spy swap” was sent to officers and staff of various government departments from a spoofed email.

“The email contains in ‘Inpage exploit’. Downloading and opening the Inpage file executes a malware in [the] background that result[s] in hacking of the computer,” said an advisory issued by National Telecom and Information Technology Security Board, Cabinet Division, which is sent to all government’s ministries and divisions.

Giving details of the malicious email, the advisory stated that the attachment was titled, “Kulbhusan Yadav Vs MdHabib SpySwap.inp” from an email id “Editor.farida&down.com.” The email can affect all versions of Inpage Urdu till 2012.

“Reads user’s computer information like operating system details, directory files list, network, IP, route and interfaces details, windows services information from the victim’s computer,” stated the advisory about the potential threat from the mailcious email.

It further explained that the malware has the ability to act as a keylogger, file stealer and it can read information about user’s open windows along with time stamps. It can steal stored user names and passwords of victim’s accounts and can take remote control of the system. The malware can automatically execute itself on widows’ start up.

The Cabinet Division has recommended all the government’s ministries and divisions that they should use Microsoft Word with Urdu language and Urdu word processor 1.1 instead of using Inpage.

The advisory recommends installing and updating well reputed anti-viruses such as Kaspersky, Avira and Avast.

It also suggests that if indicators of compromise are found in the system disconnecting the computer from the internet and reinstalling the Windows.

The advisory also recommends not to download attachments from any email unless one is sure about the source.

Imran Ali Kundi