China- and India-linked cyberespionage campaign against Pakistani law enforcement
Campaign
Summary
Hide ▲
Show ▼
Cyberespionage groups linked to China and India ran a Feb 2024–Apr 2026 campaign against Pakistani law enforcement, reaching police systems that held sensitive records and citizen-facing data. The operation hit Balochistan Police most heavily and exposed servers tied to biometric databases, criminal case files, and personnel records. The intrusions used PlugX, ShadowPad, Cobalt Strike, and Remcos, and some access was delivered through fake software updates on a public complaint portal.
Timeline
-
10.07.2026 14:55 2 articles · 2h ago
China- and India-linked intrusions target Pakistani police networks
Initial DisclosureSentinelLabs reported a sustained cyberespionage campaign against Pakistani law enforcement networks, with Balochistan Police absorbing most of the activity and several police organizations affected. The activity was grouped into PlugX, ShadowPad, Cobalt Strike, and Remcos clusters, with some access reaching servers tied to biometric databases, criminal case files, personnel records, and citizen-facing systems. Researchers also identified malicious files disguised as software updates on Balochistan Police’s public Complaint Management System, which could affect officers and residents using the portal.
Show sources
- China, India-Linked Hackers Both Targeted Same Pakistani Police Force — www.securityweek.com — 10.07.2026 14:55
- China, India-Linked Hackers Both Targeted Same Pakistani Police Force — www.securityweek.com — 10.07.2026 14:55