⚠️ Region Alert: UAE/Middle East
Cybersecurity researchers have identified a prolonged cyber espionage campaign targeting several Pakistani law enforcement agencies, including the Balochistan and Islamabad Police. Attributed to both China- and India-aligned threat actors, the activity involved the compromise of critical servers hosting biometric data, criminal records, and national identity registrations. Notable malware families such as PlugX, ShadowPad, Cobalt Strike, and Remcos RAT were deployed to maintain persistence and exfiltrate sensitive intelligence.
One particularly sophisticated aspect of the campaign involved the subversion of the Balochistan Police's Complaint Management System (CMS). Attackers masqueraded a custom implant as a portal update, effectively turning a citizen-facing tool into a malware delivery mechanism. This convergence of multiple nation-state actors against the same targets highlights the high intelligence value of law enforcement data, which offers deep insights into a nation's internal security landscape and threat assessments.
Top comments (0)