A US-based threat intelligence firm has alleged that Pakistani hackers targeted different government installations of critical importance in India.
Black Lotus Labs, an arm of US-based Lumen Technologies, claimed in a report that critical infrastructure of the power sector and one government organization in India were compromised by Pakistani hackers.
The report released in June mentioned a suspected Pakistani threat actor that executed a custom-developed framework to infiltrate multiple targets in India earlier this year.
The Pakistan-based attackers allegedly installed a Remote Access Trojan (RAT), a new piece of malware. The program used by the presumed Pakistani hackers enables covert surveillance and unauthorized access to the target’s computers.
The report also claimed that hackers used India-based compromised domain URLs to avoid detection.
The covert operation is said to have begun as far back as January 2021. The IP address assigned to the hacker groups allegedly belongs to Pakistani mobile data operator CMPak Limited, popularly known as Zong in Pakistan.
“Most of the organizations that exhibited signs of compromise were in India, and a small number were in Afghanistan,” Lumen’s Black Lotus Labs claimed.