An Indian threat actor was found using spear-phishing attacks against Pakistani targets, including the Ministry of Defense and several major research universities in the country. The threat actor had infected its own systems with the remote access trojan deployed in the attacks. This oversight allowed cybersecurity researchers to use the functions of the trojan to spy on the threat actor and understand its attack schemes and networks.
- Pakistan's Ministry of Defense, the National Defense University of Islamabad, the University of Veterinary and Anmial Sciences’ Faculty of Bio-Science, the Karachi HEJ Research institute, and Salim Habib University.
Suspected state sponsor
Type of incident
- Civil society