Pakistani Malware

Part of the blame for the instability and full disarray in Afghanistan has been placed on Pakistani malware. Some experts claimed that if it hadn’t been for Pakistan’s assistance, the Taliban would have failed miserably in their attempt to take control of Afghanistan.

Evidence suggested that Pakistan was constantly targeting Afghanistan in cyberspace, amid the growing threat from the Taliban. Malware of Pakistani origin that previously launched cyberattacks on Afghanistan’s government sector has now gained new cyberattack capabilities. An improved Remote Access Trojan (RAT) that can control the webcam of the compromised device has been identified as one of its newest abilities.

Ashraf Ghani, ex-Afghan President, openly expressed his views on Pakistan’s negative role in the 20-year-old Afghan conflict. Research shared by Black Lotus Labs, the threat intelligence arm of US-based telecommunications company Lumen Technologies, stated that India, Iran and Jordan have become secondary targets of Pakistani malware. The researchers are calling this new program “ReverseRat 2.0”.

To lure government targets in these countries, Pakistani hackers used a forged UN meeting platform. The added modifications made it possible to remotely take photos via webcams and even retrieve files from USB devices inserted into the targeted machines. The researchers also disclosed an updated version of the preBotHta loader file, which had new evasion techniques to counter Indian antivirus solutions.

Because of the newly added logic paths, Kaspersky or Quick Heal antivirus (AV) products, which are able to block certain aspects of the malware infection chain, would remain unaware of the intrusion. The malware would not only avoid antivirus detection but also infect the targeted machines.

This is not the first time Pakistani malware has posed a threat to national security. Pakistani hackers have previously targeted the power sector and government organisations in both India and Afghanistan. The escalating cyber-attacks in Afghanistan, combined with the Taliban menace, have simply set the path for more devastation in the country. As a result, Afghanistan now appears to be at the mercy of Taliban militants.

Amid this technological evolution, India has gained the capability to defend itself and to undertake offensive attacks in response to adversarial attacks. Indian companies such as Phronesis and Aglaya have bolstered India’s cyber attack capabilities, making them one of the fundamental pillars of hybrid warfare. Today, India can easily tackle the mounting cyberthreats from Pakistan with the help of these private actors.

As with malware attacks, Indian APT groups have also excelled in launching information warfare campaigns against Pakistan. Though many international actors today blame Pakistan for the catastrophe in Afghanistan, some of them believe that India’s anti-Pakistan agenda is to blame for everything.
