In recent news, a US-based threat intelligence firm, called Black Lotus Labs, stated that a group of Pakistani hackers had targeted different government installations which were of high value to India.
According to a report, this critical infrastructure belonged to India’s power sector and one government organization which were compromised by the hackers. This report was released in June which mentioned a suspected Pakistani threat actor that had executed a custom-developed framework to infiltrate multiple targets in India. This further included the installation of a Remote Access Trojan (RAT) which enables hackers to covert surveillance and unauthorized access to the target’s computers.
In addition, the hackers had utilized India-based URLs in order to avoid detection. According to Lumen’s Black Lotus Labs:
“Most of the organizations that exhibited signs of compromise were in India, and a small number were in Afghanistan.”