Pakistan-Linked Hackers Escalate Cyber Attacks on India with CurlBack and Spark RATs
TL;DR
- A threat actor linked to Pakistan has expanded its cyber operations, targeting various sectors in India using multiple remote access trojans (RATs), including the newly identified CurlBack RAT.
- Key sectors targeted include railways, oil and gas, and external affairs ministries, indicating a significant escalation in cyber espionage activities.
Introduction
Cybersecurity experts have identified a Pakistan-linked hacker group that has expanded its operations against India, deploying several remote access trojans (RATs) including the newly discovered CurlBack RAT. SEQRITE detected this escalation in cyber activities in December 2024, and it poses a significant threat to India’s critical infrastructure.
Targeted Sectors and Malware Used
The Pakistan-linked threat actor has targeted multiple Indian sectors, including:
- Railways: Essential for transportation and logistics.
- Oil and Gas: Critical for energy security.
- External Affairs Ministries: Vital for diplomatic communications.
The malware used in these attacks includes:
- Xeno RAT
- Spark RAT
- CurlBack RAT: A previously undocumented malware family, indicating a sophisticated evolution in the hackers’ toolkit.
Significance and Implications
The use of advanced malware like CurlBack RAT signifies a growing threat to India’s cybersecurity landscape. These RATs allow attackers to gain remote control over infected systems, exfiltrate sensitive data, and conduct espionage activities. The targeting of critical sectors underscores the potential for widespread disruption and national security risks.
Detection and Response
SEQRITE’s detection of these activities in December 2024 has prompted immediate response measures from Indian cybersecurity agencies. Enhanced monitoring and defensive strategies are being implemented to mitigate further risks and protect sensitive information.
Conclusion
The escalation of cyber attacks by Pakistan-linked hackers against India’s critical infrastructure highlights the urgent need for robust cybersecurity measures. Continued vigilance and proactive defense strategies are essential to safeguard national interests and prevent potential disruptions.