Pakistani hackers allegedly targeted important government installations in India, according to a threat intelligence group located in the United States.
A suspected Pakistani threat actor used a custom-developed framework to breach various sites in India earlier this year, according to a study released in June.
The attackers from Pakistan are said to have implanted a new cyber malware called a Remote Access Trojan (RAT). The malware, which is thought to have been used by Pakistani hackers, allows for covert observation and unauthorised access to the systems of the target.
According to the study, hackers utilised compromised domain URLs from India to escape detection.
The clandestine operation is alleged to have started in January 2021. The hacker groups’ IP address is said to belong to a Pakistani mobile data service.
Lumen’s Black Lotus Labs claimed that “the majority of the organisations that indicated evidence of compromise were in India, while a tiny number were in Afghanistan.”