Indian defence sites main target of Pak-based cyber attackers
New Delhi, Mar 16: India has been facing continued threats from suspected Pakistan-based cyber attackers for the last few years, with online criminals sending phishing emails containing malware aimed at country's defence establishments, cyber security firm FireEye said today.
A cyber threat operation in which malware 'Seedoor' was used has been targeting in India since at least 2013, FireEye said in a report.
"The threat group behind the operation likely reached its targets by sending spear phishing emails with malware attachments. The lures used in the email were related to regional military and defense issues, often involving India-Pakistan relations and current events," it said.
Stating that establishments both in India and Pakistan were targeted, FireEye said "suspected Pakistani threat actor used surveillance malware against Indian and Pakistani entities."
It however neither identified the location of the cyber attacks nor the success ratio. It did not say if the attackers succeeded in penetrating any sensitive establishment.
"Robust surveillance malware Seedoor was likely distributed via spear phishing emails about current events, defense issues and women," the report said.
Based on the themes used in the emails and decoy documents, it is likely the threat actor intended to target Indian government and military personnel, as well as political dissidents in Pakistan in order to collect intelligence, it added.
"The line between real world conflict and cyber conflict continues to blur. Wherever you see geopolitical tensions you are likely to find cyber campaigns beneath the surface,” FireEye chief technology officer Asia Pacific Bryce Boland told PTI. He however declined to comment on the scale of these attacks or potential damage.
"... We have been in touch with concerned authorities for this report," he added.
Seedoor's built-in functionality includes interacting with the file system, simulating mouse clicks, starting and terminating processes, transferring files, making recordings and screenshots of desktop, recording sound from microphone, recording and taking snapshots from webcams, and in some cases collecting Microsoft Outlook emails and attachments.
"The threat actor used a variety of lures focused on defence and military topics, as well as issues pertinent to India-Pakistan relations, including regional areas of conflict such as Afghanistan or, separately, Balochistan (a Pakistani province)," Boland said.
In multiple instances, the threat actor named the malware attachments the title of news articles from popular Pakistan news sites, including Dawn and the Express Tribune, he added.
The threat actor also used images of women, including several associated with India or Pakistan, the report said.
PTI
-
Ind Vs NZ T20 World Cup Phalodi Satta Bazar Prediction: Know Who Will Win In India vs New Zealand Final -
Hyderabad College Girls To Get Electric Scooters As Telangana Targets Pollution In CURE Region -
From Snacks to Meals: Match Day Sparks Surge in Food App Orders -
Gold Rate Today 9 March 2026: IBJA Benchmark Rates, Tanishq, Malabar, Joyalukkas, Kalyan Jewellery Prices -
Gold Silver Rate Today, 9 March 2026: City-Wise Prices, MCX Gold and Silver Ease Slightly After Rally -
Better Trisha Stays At Home: Parthiban’s Joke Turns Controversial Amid Thalapathy-Trisha Affair Rumours -
Panauti Stadium? Is Narendra Modi Stadium an Unlucky Venue for India National Cricket Team? -
Hyderabad Gold Silver Rate Today, 8 March, 2026: Latest Gold Prices And Silver Rate In Nizam City -
T20 World Cup 2026 Prize Money Revealed: How Much Do Winners, Finalists and Super 8 Teams Earn? -
‘Smile Looks Great On You’: MS Dhoni Praises Gautam Gambhir After India's T20 World Cup Win -
Gold Rate Today 8 March 2026: IBJA Issues Fresh Gold Rates; Tanishq, Malabar, Kalyan, Joyalukkas Prices -
Kamal Haasan Hits Out At Donald Trump Over "Permission To Buy Russian Oil", Says "Mind Your Business"
Click it and Unblock the Notifications
Sign in with Google