Targeting of Pakistani research institutions
Date of report
  • January 2022
An Indian threat actor was found using spear-phishing attacks against Pakistani targets, including the Ministry of Defense and several major research universities in the country. The threat actor had infected its own systems with the remote access trojan deployed in the attacks. This oversight allowed cybersecurity researchers to use the functions of the trojan to spy on the threat actor and understand its attack schemes and networks. 
Suspected victims
  • Pakistan's Ministry of Defense, the National Defense University of Islamabad, the University of Veterinary and Anmial Sciences’ Faculty of Bio-Science, the Karachi HEJ Research institute, and Salim Habib University.
Suspected state sponsor
  • India
Type of incident
  • Espionage
Target category
  • Military
  • Civil society