CyberSecurityBoard
Sponsor Register Login

Hackers Weaponizing Pahalgam Attack Themed Decoys to Attack Indian Government Personnel

In a sophisticated cyber espionage campaign, threat actors are actively targeting Indian government personnel using decoy documents referencing the recent Pahalgam attack. The malware campaign appears specifically tailored to compromise sensitive government information, with particular focus on defense, intelligence, and law enforcement agencies. The documents, disguised as official briefings or intelligence reports on the Pahalgam situation, prompt users to “Enable Content” to view supposedly protected information, triggering the execution of hidden malicious code. These emails appear to originate from legitimate government agencies, making them particularly convincing to unsuspecting officials seeking information about the security situation. Their investigation uncovered a previously undocumented Remote Access Trojan (RAT) that establishes persistence and communicates with command-and-control servers reportedly linked to a nation-state threat actor with a history of targeting Indian government institutions. The malicious campaign, discovered in early May 2025, utilizes spear-phishing emails with attachments designed to exploit recipients’ interest in security developments related to the incident. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The researchers noted that this campaign appears to be the work of a highly sophisticated adversary with deep knowledge of Indian government operations. The malware then collects system information and begins exfiltrating sensitive data while attempting to move laterally within government networks. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Seqrite researchers identified the campaign after detecting unusual network traffic patterns from government networks. Initial analysis reveals that the attacks begin with Microsoft Word documents containing embedded macros that, when enabled, deploy a multi-stage malware payload.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 05 May 2025 14:05:04 +0000


Cyber News related to Hackers Weaponizing Pahalgam Attack Themed Decoys to Attack Indian Government Personnel

Hackers Weaponizing Pahalgam Attack Themed Decoys to Attack Indian Government Personnel - In a sophisticated cyber espionage campaign, threat actors are actively targeting Indian government personnel using decoy documents referencing the recent Pahalgam attack. The malware campaign appears specifically tailored to compromise sensitive ...
1 month ago Cybersecuritynews.com
How an Indian startup hacked the world - Reuters previously named Appin in a story about Indian cyber mercenaries published last year. This report paints the clearest picture yet of how Appin operated, detailing the world-spanning extent of its business, and international law enforcement's ...
1 year ago Reuters.com
EFF Helps News Organizations Push Back Against Legal Bullying from Cyber Mercenary Group - For the last several months, there has emerged a campaign of bullying and censorship seeking to wipe out stories about the mercenary hacking campaigns of a less well-known company, Appin Technology, in general, and the company's cofounder, Rajat ...
1 year ago Eff.org
Lawmakers: Ban TikTok to Stop Election Misinformation! Same Lawmakers: Restrict How Government Addresses Election Misinformation! - In a case being heard Monday at the Supreme Court, 45 Washington lawmakers have argued that government communications with social media sites about possible election interference misinformation are illegal. Just this week the vast majority of those ...
1 year ago Eff.org
The Unlikely Romance of Hackers and Government Suitors - The annual Hack the Capitol event brings together a diverse group of scientists, hackers, and policymakers to educate congressional staffers, scholars, and the press about the most critical cybersecurity challenges facing our nation. Hack the Capitol ...
1 year ago Darkreading.com
Apple alert: India opposition says government tried to hack phones - Some Indian opposition leaders have accused the government of trying to hack into their phones after receiving warning messages from Apple. Apple's alert said it believed the recipient was "Being targeted by state-sponsored attackers". He added that ...
1 year ago Bbc.com
Roundtable: Is DOGE Flouting Cybersecurity for US Data? - So far, Musk and his Department of Government Efficiency (DOGE) have accessed the computer systems of the Department of Treasury, as well as classified data from the US Agency for International Development (USAID) and the Office of Personnel ...
4 months ago Darkreading.com
North Korean Hackers Utilizing Credential Stuffing to Launch Cyberattacks - In an alarming new report, researchers found that North Korean-linked hackers have been using stolen passwords during cyberattacks to gain access to various government, military and financial networks. According to security experts, the creative ...
2 years ago Thehackernews.com
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities - The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and ...
1 year ago Thehackernews.com CVE-2023-38831 APT3 SideCopy Transparent Tribe
MOVEit Hackers Accessed 632,000 Email Addresses at Defense, DOJ - The report, by the US Office of Personnel Management, provides new details about a cyberattack in which hackers exploited flaws in MOVEit, a popular file-transfer tool. Federal cybersecurity officers previously confirmed that government agencies were ...
1 year ago Bloomberg.com
What Should We Expect for State and Local Government IT Priorities in 2024? - As we wrap up 2023, it is a great time to reflect on the current state of technology in state and local governments and look ahead to the priorities for the coming year. Maintaining the security of networks and the data they carry continues to be the ...
1 year ago Feedpress.me
Cybersecurity Crisis Looms: FBI Chief Unveils Chinese Hackers' Plan to Target US Infrastructure - As the head of the FBI pointed out Wednesday, Beijing was positioning itself to disrupt the daily lives of Americans if there was ever a war between the United States and China if it were to plant malware to damage civilian infrastructure. U.S. ...
1 year ago Cysecurity.news Volt Typhoon
Chinese Hackers Target Iranian Government Entities in Months-long Attack - A months-long attack by Chinese hackers has been targeting Iranian government entities, according to a report by CSO Online. The hackers, named IAMPrime, have been targeting government institutions in Iran since at least July of last year. The ...
2 years ago Csoonline.com
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
2 years ago Hackread.com
Indian Government Warns Social Media Platforms Over Deepfake Misinformation - In a strong statement directed at social media platforms, the government of India has emphasized the critical need for swift identification and removal of misinformation, including deepfakes, or risk facing legal consequences. This warning follows a ...
1 year ago Cysecurity.news
Chinese Earth Krahang hackers breach 70 orgs in 23 countries - A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat group known as 'Earth Krahang' has breached 70 organizations and targeted at least 116 across 45 countries. According to Trend Micro researchers monitoring the ...
1 year ago Bleepingcomputer.com CVE-2023-32315 CVE-2022-21587 Earth Lusca GALLIUM
Belgium probes if Chinese hackers breached its intelligence service - According to The Brussels Times, the hacked server also routed internal HR exchanges among Belgian intelligence personnel, raising concerns about the potential exposure of sensitive personal data including identity documents and CVs belonging to ...
3 months ago Bleepingcomputer.com APT3 APT30 GALLIUM
Fortifying cyber defenses: A proactive approach to ransomware resilience - Ransomware has become a pervasive threat, compromising the security and functionality of vital systems across the United States. While governmental pledges and public declarations of intent to fight cybercrime are foundational, they often lack the ...
1 year ago Helpnetsecurity.com
NASCIO, PTI on What's Coming in 2024 for State and Local IT - Every January, NASCIO and PTI release their forecasts for the coming year based on what government leaders are saying. Adobe Stock/OleCNX. When Doug Robinson speaks, the government technology community listens. He has been the exceptional executive ...
1 year ago Securityboulevard.com
Holiday Threats Surge as Christmas-Themed Scams Explode - As the winter holidays approach, malicious spammers have ramped up their efforts, flooding inboxes with a surge of unsolicited emails and Christmas-themed scams, according to a Bitdefender report. Key findings indicated a steady rise in ...
1 year ago Securityboulevard.com
Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
1 year ago Bleepingcomputer.com CVE-2023-23397 Fancy Bear APT28
What a Digital ID Means to How Australians Interact With Businesses Online - Australia is about to get a national online ID system - the Digital ID - which promises to improve the security and privacy of data online. In just a few months, Australians will have access to a new form of ID, which aims to make identification ...
1 year ago Techrepublic.com
CyberCrime & Doing Time: Classic Baggie: Part 2 - Q. I want to focus on your relationship with Classic Baggie. Q. You said you were working as an apprentice at that time. Q. Ms. Busch, could we pull up 402(c-1), which again is a larger version of that image. Q. Ms. Busch, can you please pull up ...
1 year ago Garwarner.blogspot.com
Cyberattack on North Carolina county allowed hackers to access data - A cyberattack on a North Carolina county has forced officials to call in the state's national guard for assistance. In a message to residents on Tuesday, Bladen County said it became the victims of a cyberattack last week. The county - tucked in the ...
1 year ago Therecord.media
Canadian government discloses data breach after contractor hacks - The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees. These breaches occurred last month and impacted Brookfield Global Relocation Services and ...
1 year ago Bleepingcomputer.com LockBit

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)