Cyberespionage groups from China and India have infiltrated Pakistani police networks over two years, affecting Balochistan Police significantly. The attacks aimed at accessing sensitive data amid regional tensions and disputes.
SentinelOne's SentinelLabs revealed that cyber espionage groups associated with China and India targeted Pakistani law enforcement, particularly the Balochistan Police, from February 2024 to April 2026. Multiple police organizations were affected, but Balochistan Police was the primary target due to its strategic significance amid regional rivalries.
The researchers categorized the cyber intrusions into four malware clusters: PlugX, ShadowPad, Cobalt Strike, and Remcos. These malware types suggest that the attacks may involve various operators due to their reliance on shared or commodity malware, with specific links to individual threat actors noted in the Remcos activities.
China's involvement is linked to protecting its nationals engaged in Belt and Road Initiative projects in Pakistan, especially from threats posed by Baloch separatist militants. The access to Pakistani police data could provide Beijing insights into these threats. Conversely, India's activities seem to focus on gaining information related to Islamabad's handling of regional insurgencies, exacerbating existing tensions.
The attacks included the deployment of malicious files masquerading as software updates on the Balochistan Police's Complaint Management System, affecting both police personnel and the general public. This tactic underscores the vulnerabilities present in public-facing government systems.
β¨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β check the original sources. How BrevFeed works β
Cyberespionage groups from China and India have infiltrated Pakistani police networks over two years, affecting Balochistan Police significantly. The attacks aimed at accessing sensitive data amid regional tensions and disputes.