A Pakistani cyber security firm, which has worked with the authorities in that country, has been found stealing information from the Indian government and defence establishments, a report by a US-based security firm FireEye said today.
The Pakistani cyber firm accessed computers of bureaucrats through malware and targeted Indian establishments using leased US hosting services, FireEye said.
“An Islamabad-based IT security firm called Tranchulas, which claims to have helped prepare the Pakistani government for cyber warfare, bombarded officials in Indian government organizations with emails containing malicious software, or malware,” it said.
The report reveals that India remains a vulnerable target for cyber-attacks even after documents leaked by whistleblower Edward Snowden exposed widespread spying by US National Security Agency.
The firm used terms like ‘Sarabjit Singh’, ‘Devyani Khoragade’ and ‘Salary hikes for government employees’ in the subject line to lure officials into opening attachments containing the malware.
The malware, identified by FireEye, has been active since early 2013 with the name of a Tranchulas employee, Umair Aziz, in its code.
FireEye said that since “July 2013, different variants of the malware with modified names have surfaced. It is indicated that it was common for cyber attackers to use servers located in a different country to avoid detection”.