- Cyber groups used Pakistani news articles as lures: Report
- FireEye prepared report on cyber attacks for India government
A cyber espionage group possibly located in Pakistan has been targeting Indian government, military personnel and Pakistani dissidents since at least 2013, according to security company FireEye Inc.
The group behind the operation probably sent phishing e-mails armed with malicious software code to its targets, FireEye said. The lures used in the e-mails were related to regional military and defense issues, often involving India-Pakistan relations, according to Bryce Boland, FireEye’s chief technology officer for Asia Pacific.
“The line between real world conflict and cyber conflict continues to blur,” Boland said. “Wherever you see geopolitical tensions you are likely to find cyber campaigns beneath the surface.”
FireEye prepared the report for the Indian government, and didn’t share the findings in full with the media. The use of Pakistani infrastructure to send the messages and the themes used to lure targets suggest that the cyber group was funded in Pakistan, said Patrick Neighorn, FireEye’s Asia Pacific communications manager.
Nafees Zakaria, a spokesman for Pakistan’s foreign ministry, didn’t answer calls and a text message to his mobile phone.
India and Pakistan have fought three wars since they split from each other in 1947. Indian Prime Minister Narendra Modi and Pakistani counterpart Nawaz Sharif have struggled to restart peace talks in recent years, with terrorist attacks and disputes over the agenda thwarting progress.
Images of women were also used to lure targets, FireEye said. One such image was taken at a party at the Ashoka Hotel in New Delhi, while another was of a Pakistani actress and model whom FireEye declined to identify. Malware was also attached to links to news articles from Pakistan news sites, including Dawn and the Express Tribune.
FireEye, based in California, provides malware and network-threat protection systems. Last week it was hired by the Bangladesh central bank to investigate the theft of more than $100 million by hackers.
After FireEye’s Mandiant division alleged in February 2013 that China’s military may be behind a group that hacked at least 141 companies worldwide since 2006, the U.S. issued indictments against five military officials who were purported to be members of that group.