
China Accuses Indian APT Group Of Cyber Warfare Against Pakistan; 2nd Major Accusation After ‘Evil Flower’

Chinese state media claimed that an ‘advanced persistent threat (APT) group’ operating from India under the nom de guerre “Confucius” had launched fresh cyber attacks on the Pakistani government and military institutions. 

The Chinese cybersecurity company Antiy conducted a thorough one-and-a-half-year investigation into this matter and determined that the group’s first attacks can be dated to 2013, the Global Times reported. 

The state-run Global Times alleged that the group primarily targeted the governments, military, and energy sectors of neighboring countries such as China, Pakistan, and Bangladesh to steal sensitive data.

The report classified these hackers as an “Advanced Persistent Threat” (APT), a term that largely refers to a hacking group that repeatedly attacks particular targets.

The Chinese media outlet said that India employs these APTs as tools of cyberwarfare against China and its neighbors in South Asia with the help of state intelligence.

It is not the first time China’s state media has accused New Delhi of targeting the governments and military enterprises of various South Asian countries. 

In November 2022, Chinese state media claimed that an Indian hacking group known as ‘Evil Flower’ conducted multiple cyber attacks on government and military institutions in China, Pakistan, and Nepal. 





The latest report asserted that political and financial gains motivated the group’s actions. The report said the group steals vital information or wrecks the target’s critical infrastructure.

Li Bosong, the chief engineer of Antiy, alleges that the group commands its attacks with the phrase “Confucius says.” 

Bosong suggested that the group is skilled at using spear-phishing emails, phishing websites, and specific social engineering techniques to attack targets. He added that this indicates the hackers have studied Chinese culture during their repeated attacks on China.

Is The Group Targeting Pakistan? 

Antiy contends that “it detected the group’s attacks against the Pakistani government and military facilities when it traced the attacks from the direction of the South Asian subcontinent since 2021.”

The group sends specialized spear-phishing emails under the guise of Pakistani government employees. After the recipient downloads or opens the documents, Trojan horse programs are installed on the computer and steal all the data.

The company says it constantly tracks the group’s movements. For instance, Antiy claims to have discovered that the group carried out attacks in June 2021 using a malicious file containing information about a list of Pakistani army fatalities.

In February 2022, the group also used a file containing information about the vaccinations of Pakistani government employees, Li said.

The Chinese firm claims to have carefully examined the attack samples from the group and found that the hackers shared tools and codes with SideWinder, another APT group.
