Explorer

Pakistan-Based Group Embeds Malware In Fake Govt Letters Amid Spike In Ransomware, Attacks On Army Websites

A Pakistani group, APT 36, is actively targeting Indian infrastructure through forged government letters embedded with malware amid increased attacks on army-related websites.

Following the Pahalgam terror attack, Pakistan-based Advanced Persistent Threat (APT) group APT 36 has reportedly become active and is preparing to target Indian infrastructure by crafting fake government websites and forged letters embedded with malware, according to a detailed report by Maharashtra Cyber.

After the initial report titled “Echoes of Pahalgam”, Maharashtra Cyber has compiled a follow-up assessment called “Pahalgam Cyber Warfare”. Maharashtra Cyber Chief Yashasvi Yadav stated, “We have submitted the first report to the agency, and the second report will also be handed over soon.”

Among the newly identified actors, APT 36, believed to be operating out of Pakistan, has reportedly masked its IP address to appear as if located in Bulgaria. The group is allegedly creating forged government letters embedded with malware, which, once introduced to a system, can steal data, change passwords, and potentially hijack the entire system.

“This is essentially a technographic attack disguised as an official government letter. It appears to be the latest modus operandi of APT 36,” said Yadav.

He also warned that other threat actors remain active and there is growing evidence of coordination and synergy between these groups. “They are helping each other and launching coordinated attacks,” he added.

Speaking in the context of the Pahalgam terror incident, Yadav remarked, “We observed a sharp increase in cyber wars and attacks targeting India—particularly aimed at critical infrastructure sectors and government agencies. Departments like the military and defence sector have seen numerous attempts. Government portals have faced DDoS (Distributed Denial-of-Service) attacks and website defacement.”

He further added, “In banking and finance, disruption and digital payment system attacks are being launched. In telecom and technology, ransomware deployment attacks have been identified. Critical infrastructure is being targeted through malware induction attacks.”

Yadav warned that these assaults point towards a cyber war strategy where countries not maintaining cordial relations with India are trying to convey a message that they can cripple critical infrastructure.

Offering recommendations, Yadav urged all agencies to “pay serious attention to cyber security and adopt hygienic cyber behaviour.” He advised that systems must undergo cyber security audits, firewall configurations must be verified, passwords must be strengthened, and red teaming exercises must be conducted to identify vulnerabilities and address them swiftly.

The earlier report had flagged Team Insane PK, a Pakistani APT group, as well as other active players like Bangladesh-based Mysterious Team Bangladesh (MTBD) and Indonesia’s Indo Hax Sec. Threat actor Golden Falcon, based in the Middle East, was also named.

Pakistan-Sponsored Hacker Groups Try To Breach Army-Related Websites

In a continued wave of cyber offensives, Pakistan-sponsored hacker groups such as “Cyber Group HOAX1337” and “National Cyber Crew” also attempted to breach several websites on Thursday. These attempts were swiftly detected and neutralised by cyber security agencies.

Among the targets were the websites of Army Public School Nagrota and Sunjuwan, which hackers tried to deface with messages mocking the victims of the recent Pahalgam terror attack. Another attack targeted a healthcare website for ex-servicemen.

Repeated attempts have been made to attack platforms linked to children, elderly veterans, and other civilians. These acts have been widely condemned as a new low in Pakistan’s cyber operations.

The hacking of the Army Institute of Hotel Management’s website and platforms associated with Indian Air Force veterans further highlight the Pakistani establishment’s continuing attempts to provoke and escalate digital warfare against India.

These coordinated cyberattacks form part of a broader pattern of provocation and information warfare that has long been associated with Pakistan’s hostile stance towards India.

Top Headlines

'Aamir Brand Ambassador Of Love Jihad,' Says Nitesh Rane; Waris Pathan Calls Him Jealous
'Aamir Brand Ambassador Of Love Jihad,' Says Nitesh Rane; Waris Pathan Calls Him Jealous
HP: Three dead, one injured in car accident in Sirmaur
HP: Three dead, one injured in car accident in Sirmaur
India Mourns Former Qatar Emir Sheikh Hamad, PM Modi Calls Him 'Visionary Leader'
India Mourns Former Qatar Emir Sheikh Hamad, PM Modi Calls Him 'Visionary Leader'
Manmohan Singh Once Told Me 'I Will Commit Suicide' Over EC Criticism: Ex-CEC SY Quraishi's Book
Manmohan Once Told Me 'Will Commit Suicide' Over EC Criticism: Quraishi's Book

Videos

BREAKING: Trump Ally Lindsey Graham Dies Suddenly After Kyiv Visit, Questions Rise Over Death
BREAKING: Muzaffarnagar Kanwar Yatra Row: Police Probe Begins Into Viral Uniform Threat Video
BREAKING: Meerut Lalita Murder Case Sparks Protest Row as Politics Intensifies After Arrests
BREAKING: Vinayak Raut Family Faces FIR After Daughter-in-Law Alleges Black Magic and Harassment
Breaking: PM’s Indo-Pacific Outreach: 10 Key Outcomes Shaping India’s Strategic Global Vision

Photo Gallery

25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Embed widget