Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Pakistan Hacker. Show all posts
Pakistan Hacker
Cyber Attacks Cyber Crew Cyber Hacking Cyberhackers CyberThreat Dark Web Digitl war Hacktivist group India National Cyber Security Pahalgam Attack Pakistan Hacker

Cybersecurity Agencies on High Alert as Attacks Spike After Pahalgam Incident



A rising tension between India and Pakistan has resulted in an intensified digital war, whose hacktivist groups have launched coordinated cyber offensives targeting government systems and critical infrastructure as a result of increasing tensions between the two countries. The attacks, which are fueled by geopolitical conflict, have expanded beyond the immediate region. 

A report suggests that hacktivist collectives from Asia, the Middle East, and North Africa (MENA) have united to disrupt the Indian cyber ecosystem, according to the report. There was a tragic incident on April 22, when armed terrorists shot a group of tourists in Pahalgam, the serene hill town in Kashmir administered by the Indian government, which was the trigger for this wave of activity. 

According to researchers from NSFOCUS, there had been an immediate and significant surge in cyber activity, which shook the nation. In the aftermath of the attack, cyber activity on both sides of the border intensified. It appears that the initial wave of cyberattacks has stabilised, however, cybersecurity threats persist. India witnessed an increase of 500% in targeted cyber intrusions, and Pakistan faced a rise of 700%. It was reported recently that several Pakistani hacker groups have attempted to breach Indian websites as part of an ongoing digital aggression campaign. 

The Indian cybersecurity agencies have responded robustly to these attempts, which have successfully detected and neutralised most of these threats, despite their efforts to undermine this. According to the reports, hacker collectives such as 'Cyber Group HOAX1337' and 'National Cyber Crew' have targeted websites belonging to the Army Public Schools in Jammu in the past. 

In their attempt to deface the websites, the attackers mocked the victims of the Pahalgam terror attack, which was widely condemned as both distasteful and inflammatory. As a result of the rise in cyber hostilities, we have seen the importance of digital warfare in modern geopolitical conflicts grow. This highlights the need for enhanced cyber vigilance and cross-border security collaboration that must be enhanced. 

The cyber threat landscape has intensified further since India launched Operation Sindoor in retaliation for a military operation targeting suspected terror camps across the border. It has been estimated that the launch of Operation Sindoor on May 7 has resulted in a sharp increase in malicious cyber activity as a result of these attacks, as reported by cybersecurity researchers at Radware and Cyble. 

As a result of the coordinated attacks conducted by hacktivist groups from across the eastern hemisphere, a substantial surge in cyber attacks was recorded on that day alone, with dozens of hacktivist groups actively participating. The Indian government, already dealing with the aftermath of the Pahalgam terror attack, which took place on April 22, has become the primary target of these attacks. Several threats have been launched against Indian institutions by groups aligned with pro-Pakistan and Bangladeshi interests, as well as with groups aligned with pro-Bangladeshi interests.

Technisanct, a cybersecurity firm based in Kochi, released a report recently in which they noted that there has been a steady increase in offensive operations against government infrastructure, educational platforms, and public services. In various online forums and dark web communities, this wave of cyber aggression has been informally referred to as #OpIndia. 

In many ways, the campaign resembles past hacktivist movements which targeted nations like Israel and the United States, usually motivated by ideological motives, but not necessarily sophisticated enough to threaten the nation's security. The current attacks, experts caution, however, demonstrate a coordinated approach to threats, where threat actors are using both denial-of-service DosS) and defacement attacks to spread propaganda and disrupt networks. 

A sustained cyber battle has been waged between India and Pakistan, marked by both nationalist fervour and geopolitical tension as part of the India-Pakistan conflict, which has clearly evolved into a digital dimension of the conflict. Indian cybersecurity agencies must remain vigilant as they attempt to counter these persistent threats through proactive monitoring and rapid incident response, along with strengthened defensive protocols. 

It was decided by Prime Minister Narendra Modi to convene a cabinet committee on security (CCS) on April 30, 2025, to assess the evolving security situation in Jammu and Kashmir amid rising tensions in the region. During the high-level meeting, which took place at the Prime Minister's official residence on Lok Kalyan Marg, members of the national security apparatus, including Rajnath Singh, Amit Shah, and S. Jaishankar, were present, as well as key national security officials. 

In the discussion, Jaishankar discussed the recent wave of violence in the Kashmir Valley, concerns about cross-border security, and the threat of cyberattacks from hostile actors, as well as the threat of cyberterrorism. The Pakistani government has issued a provocative statement warning of a possible Indian military attack within a 24 to 36-hour window, which is similar to the one issued by Pakistan in a provocative statement. 

According to what Islamabad called credible intelligence, New Delhi is preparing to launch retaliatory strikes. The allegations of Pakistan's involvement in the Pahalgam terror attack of April 22 are supposedly based on unsubstantiated accusations. There has been public criticism of India's fabrication of an offensive narrative by Pakistan's Federal Minister for Information, Attaullah Tarar, cautioning that any such move would result in serious consequences if followed. 

It has been revealed that diplomatic and military signals have increased the level of tension in the existing volatile situation, with both sides locked in a tense standoff that spans both physical and virtual borders. There has been news that threat actors have attempted to deface the official website of Armoured Vehicle Nigam Ltd, which is another indication of the intensification of cyberhostility. It is a public sector company operated by the Ministry of Defence. 

It was reported that the attackers defaced the website by showing images associated with Pakistan, including the national flag and images of the 'Al Khalid' battle tank, an act that was seen as both provocative and symbolic by officials. This development has spurred the Indian cybersecurity agencies and expert teams to increase their real-time monitoring of the digital landscape, as a result of which they are concentrating their efforts on identifying threats that have been linked to Pakistani state-sponsored or affiliated groups. 

The authorities have confirmed that this increased surveillance is part of a greater effort to avert further attacks as well as neutralise any new threats that may arise. To counter the increasing wave of cyberattacks, a series of robust countermeasures is being put in place to strengthen the nation's digital security posture in response. For example, fortifying critical infrastructure, strengthening incident response protocols, and increasing online platform resilience across key industries are all examples of strengthening the nation's digital security posture. 

There was no doubt that the authorities were concerned that these proactive actions were aimed at ensuring India's defence and civilian systems were protected as well as that India's digital frontline was prepared to repel and withstand future cyberattacks as well. It has become increasingly apparent that cyberwarfare has become a central theatre of geopolitical rivalry in the modern world as the contours of contemporary conflict continue to evolve. 

Digital infrastructure, in the same way that physical borders play a crucial role in national security, has recently been heightened by several recent developments, and this serves as a reminder to all of us. Because of this, India needs to enhance its investments in advanced cybersecurity capabilities, establish strong public-private partnerships, and establish a comprehensive national cyber defence strategy that is both responsive and flexible. 

To isolate and neutralise transnational cyber threat actors, it is not only necessary to implement technical fortification but also to conduct strategic diplomacy, share intelligence, and engage in international cooperation. It will be crucial to cultivate a culture of resilience, both at the institutional and individual levels, by cultivating cyber awareness. 

With the increasingly contested digital frontier, India must remain proactive, unified, and forward-thinking at all times if it is to ensure that it is secured, sovereign, and fully “digitally self-reliant” as the threat of hybrid threats rises.
Read more »
Sensitive data
Cyber Attacks Data Leak data security Data Theft Hacker attack Indian Cyber Security Pakistan Hacker Personal Data Sensitive data

Pakistan-Based Hackers Launch Cyber Attack on Indian Defence Websites, Claim Access to Sensitive Data

 

In a concerning escalation of cyber hostilities, a Pakistan-based threat group known as the Pakistan Cyber Force launched a coordinated cyber offensive on multiple Indian defence-related websites on Monday. The group claimed responsibility for defacing the official site of a Ministry of Defence public sector undertaking (PSU) and asserted that it had gained unauthorized access to sensitive information belonging to Indian defence personnel. According to reports, the targeted websites included those of the Military Engineering Service (MES) and the Manohar Parrikar Institute of Defence Studies and Analyses (MP-IDSA), both critical components in India’s defence research and infrastructure network. 

The group’s social media posts alleged that it had exfiltrated login credentials and personal data associated with defence personnel. One particularly alarming development was the defacement of the official website of Armoured Vehicle Nigam Limited (AVNL), a key PSU under the Ministry of Defence. The hackers replaced the homepage with the Pakistani flag and an image of the Al Khalid tank, a symbol of Pakistan’s military capabilities. A message reportedly posted on social platform X read, “Hacked. Your security is illusion. MES data owned,” followed by a list of names allegedly linked to Indian defence staff. 

Sources quoted by ANI indicated that there is a credible concern that personal data of military personnel may have been compromised during the breach. In response, authorities promptly took the AVNL website offline to prevent further exploitation and launched a full-scale forensic audit to assess the scope of the intrusion and restore digital integrity. Cybersecurity experts are currently monitoring for further signs of intrusion, especially in light of repeated cyber threats and defacement attempts linked to Pakistani-sponsored groups. 

The ongoing tensions between the two countries have only heightened the frequency and severity of such state-aligned cyber operations. This latest attack follows a pattern of provocative cyber incidents, with Pakistani hacker groups increasingly targeting sensitive Indian assets in attempts to undermine national security and sow discord. Intelligence sources are treating the incident as part of a broader information warfare campaign and have emphasized the need for heightened vigilance and improved cyber defense strategies. 

Authorities continue to investigate the breach while urging government departments and defense agencies to reinforce their cybersecurity posture amid rising digital threats in the region.
Read more »
Threat Landscape
APT36 Cyber Attacks Indian Organizations Pakistan Hacker Threat Landscape

Check Point Uncover Pakistan-Linked APT36’s New Malware Targeting Indian Systems

 

Pakistan's APT36 threat outfit has been deploying a new and upgraded version of its core ElizaRAT custom implant in what looks to be an increasing number of successful assaults on Indian government agencies, military entities, and diplomatic missions over the last year. 

Cybersecurity researchers at Check Point Research (CPR) identified that the latest ElizaRAT variant includes new evasion strategies, enhanced command-and-control (C2) capabilities, and an additional dropper component that makes it more difficult for defenders to spot the malware.

A new stealer payload known as ApoloStealer has been used by APT36 to collect specified file types from compromised systems, retain their metadata, and transport the data to the attacker's C2 server, therefore increasing the risk. 

"With the introduction of their new stealer, the group can now implement a 'step-by-step' approach, deploying malware tailored to specific targets," stated Sergey Shykevich, threat intelligence group manager at Check Point Software. "This ensures that even if defenders detect their activities, they primarily find only a segment of the overall malware arsenal.”

The threat group's use of legitimate software, living off the land binaries (LoLBins), and lawful C2 communication services such as Telegram, Slack, and Google Drive complicates the situation. According to Shykevich, the adoption of these services has made it much more difficult to monitor malware transmissions in network traffic. 

APT36, also known as Transparent Tribe, Operation C-Major, Earth Karkaddan, and Mythic Leopard by security vendors, is a Pakistani threat group that has predominantly targeted Indian government and military entities in intelligence gathering operations from about 2013. Like many other tightly focused threat groups, APT36's attacks have occasionally targeted organisations in other nations, such as Europe, Australia, and the United States.

The malware that the threat actor now possesses comprises tools for infiltrating Android, Windows, and increasingly Linux devices. BlackBerry revealed earlier this year that in an APT36 campaign, ELF binaries (Linkable Executable and Linkable Format) accounted for 65% of the group's attacks against Maya OS, a Unix-like operating system created by India's defence ministry as a Windows substitute. Additionally, SentinelOne reported last year that APT36 was spreading the CopraRAT malware on Android devices owned by Indian military and diplomatic personnel by using romantic lures. 

ElizaRAT is malware that the threat actor included in their attack kit last September. The malware has been propagated using phishing emails that include links to malicious Control Panel files (CPL) hosted on Google Storage. When a user opens the CPL file, code is executed that starts the malware infection on their device, potentially granting the attacker remote access or control of the system. 

Over the last year, Check Point analysts detected APT36 operators using at least three different versions of ElizaRAT in three consecutive campaigns, all of which targeted Indian businesses. The first was an ElizaRAT variation that utilised Slack channels for C2 infrastructure. APT36 began employing that variation late last year, and approximately a month later began deploying ApoloStealer with it. 

Starting early this year, the threat group began using a dropper component to discreetly drop and unpack a compressed file carrying a new and enhanced version of ElizaRAT. The new variation, like its predecessor, initially checked to see if the machine's time zone was configured to Indian Standard Time before executing and engaging in malicious behaviour.

"Introducing new payloads such as ApolloStealer marks a significant expansion of APT36’s malware arsenal and suggests the group is adopting a more flexible, modular approach to payload deployment," CPR noted in its report. "These methods primarily focus on data collection and exfiltration, underscoring their sustained emphasis on intelligence gathering and espionage.”
Read more »
Pakistan Hacker
Defaced Website hacker news Pakistan Hacker

LK Advani's official website hacked by Pakistani Hacker

Screenshot of Defacement

The next day after Bihar BJP's official website get hacked by hacker claimed to be from Pakistan, the official website of Senior BJP Leader LK Advani (www.lkadvani.in) also got defaced by the same hacker.

The hacker who called himself Muhammad Bilal began the defacement message by saying "I'M Back ;D gOOd mOrNing Narendra Modi".  The hacker also wrote "Free Kashmir..Freedom is our goal."

The hacker also claimed to have defaced the websites of Bharti Janta Party In Lok Sabha and Bharti Janta Party In Rajya Sabha.

A screenshot published in the hacker's profile shows that he also gained access to the database server.  The accessed information includes email IDs, hashed-passwords, phone numbers and other details.

At the time of writing, the LK Advani's website is down for maintenance.
Read more »
Pakistan Hacker
Breaking News Defaced Website Pakistan Hacker

Bihar BJP website hacked and defaced by Pakistani Hackers

Bharatiya Janata Party's(BJP) website once again has been targeted by hackers claimed to be from Pakistan.

This time, a hacker named Muhammad Bilal from Pak Cyber Experts group breached the official Bihar Bjp website(www.biharbjp.org) and defaced the home page.

The defacement contains a picture of person standing on Narendra Modi's photo and posted some comments.  The hacker also called India as Stupid.

"I just woke up for reading Namaz. I just thought i will check BJP website :D good site it was :( then my mind changed :( i thought to write 'Pakistan Army' or 'pakistan zindabad' on the site of people who say [redacted] about Pakistan." defacement message reads(translated).

The hacker has a past history of attacking Indian websites and Modi's related websites.

This is not the first time BJP's websites being defaced by Pakistani Hackers.  Earlier this month, hacker with online handle 'Sniper Haxxx' defaced the BJP Junagadh unit's website.

It seems like the website was defaced before 14 hours. The website is still showing the defacement. You can find the mirror of the defacement here: http://zone-h.com/mirror/id/22233554
Read more »
Pakistan Hacker
BSNL hacked Defaced Website Pakistan Hacker

BSNL subdomain's defaced by "Kai-h4xOrR And Trojan"



Two Pakistani hackers called "Kai-h4xOrR And Trojan" have managed deface some webpages of BSNL's sub-domains.

The defaced pages are:
http://learntelecom.bsnl.co.in/acp_main_module/schedule_list.asp
http://www.vas.bsnl.co.in/vas/contact_us.jsp?cir=11

They left the following message: "Team MaXiMiZerSOp# Free For Kashmir"

BSNL has very bad track record with security it has been defaced multiple times in the past few years.

Mirrors:http://zone-h.com/mirror/id/22021830

http://zone-hc.com/archive/mirror/d0abab6_learntelecom.bsnl.co.in_mirror_.html

http://zone-hc.com/archive/mirror/ea72f34_vas.bsnl.co.in_mirror_.html
Read more »
Pakistan Haxors CREW
Defaced Website defacement Hacking News Pakistan Hacker Pakistan Haxors CREW

Two more Indian Government websites hacked by Pakistani Hackers


In last few days, several Pakistani hacker groups have defaced plenty of Indian government websites.  Pakistan Haxors CREW is one of the group targeting the Indian websites.

The group today hacked into two Indian government websites: West Bengal State Coastal Zone Management Authority and Damodar Valley Corporation .

At the time of writing, 'wbsczma.gov.in' still showing the defacement while the 'portal.dvc.gov.in' went offline.  The group also claimed to have dumped the database. 

Today, another group named as "Team MaXiMiZerS" have defaced two India's Kerala state government websites along with hundreds of other websites.

Last night, Voice Of Black Hat Hackers group from Pakistan hacked two India's Rajasthan state government websites.
Read more »
Pakistan Hacker
Bank website hacked Breaking News hacker news Pakistan Hacker

State Bank of Patiala hacked and defaced by Pakistani Hacker

A Pakistani hacker with the online handle " Kai-H4xOrR" from PAKISTAN HAXORS CREW(PHC), has hacked into the State Bank of Patiala(SBP) sub-domain and managed to deface the website.

In the defacement page, hacker stated that the security breach is payback "For Hacking Sui Gas Site".

"And Dont mess with Pakistan else you will lose both your Name and this Game   Backoff Lamers from our cyber space. Everybody Knows whose cyber space is more vulnerable" The defacement message reads.



"You will hack 1, we will hack thousands" hacker sent a warning message to Indian Hackers who deface Pakistani websites.  

The hacker has uploaded his defacement here: "https://hindi.sbp.co.in/index.html".  The main page and other pages are not affected by this defacement.  At the time of writing, the website still displays the defacement.
Read more »
Subscribe to: Posts (Atom)