Close Menu
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

Open Directory Exposes Three Evilginx Phishing Operators

July 13, 2026

CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

July 13, 2026

Pakistani Police Systems Hit by Chinese and Indian Espionage

July 13, 2026
Facebook X (Twitter) Instagram
Monday, July 13
Facebook X (Twitter) Instagram Pinterest Vimeo
Cyberwire Daily
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice
Cyberwire Daily
Home»Cyber Security»Pakistani Police Systems Hit by Chinese and Indian Espionage
Cyber Security

Pakistani Police Systems Hit by Chinese and Indian Espionage

Team-CWDBy Team-CWDJuly 13, 2026No Comments3 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email


Two rival nation-state cyber espionage operations, one linked to China and the other to India, have converged on the same Pakistani police force.

According to new analysis published by SentinelLabs, the research arm of SentinelOne, on July 9, suspected China- and India-nexus actors ran intrusion campaigns against several Pakistani law enforcement bodies between February 2024 and April 2026, concentrating on Balochistan Police, the province’s main force.

The compromised assets included servers hosting applications for biometric records, criminal case files and tenant registrations tied to national identity data. One China-nexus actor reportedly planted implants in a portal used by officers and citizens.

SentinelLabs grouped the command and control (C2) activity observed into four clusters. PlugX, ShadowPad and Cobalt Strike point to China-nexus operators; a Remcos cluster was tied to a suspected India-nexus actor Recorded Future tracks as TAG-179, overlapping with the group others call Bitter.

Read more on Chinese espionage: Chinese Hackers Target European Governments in Espionage Campaigns

Two Rivals, Opposite Motives

For China, SentinelLabs said the likely driver was the safety of its nationals, tied to the China-Pakistan Economic Corridor (CPEC).

They have reportedly faced repeated deadly attacks, some claimed by the Balochistan Liberation Army (BLA), a Baloch separatist group. Police data would allow China to assess that threat independently.

India’s motive is more likely its rivalry with Pakistan, in which Balochistan is a recurring flashpoint.

Islamabad accused New Delhi of backing the insurgency, which India denied, and the force holds the record of how Pakistan polices the province.

A Citizen Portal Turned Against Its Users

The standout finding was the compromise of the force’s Complaint Management System (CMS), used by both officers and citizens checking a complaint.

Two variants of an implant named cms_plugin.exe were uploaded in late 2024, one in Rust, the other .NET. The Rust variant is a stager that, on execution, displayed “Update Complete! Please refresh the page,” mimicking a portal update.

The .NET variant posed as a component of Chinese vendor Qihoo 360’s security software and loaded an AsyncRAT client. Shared code and simplified Chinese strings pointed to a Chinese-speaking developer.

Reaching the databases behind these applications would expose:

  • Police personnel and payroll records

  • Criminal case files and fingerprint biometrics

  • Stolen vehicle records

  • Hotel check-ins tied to identity data

  • Landlord and tenant registrations

  • Citizen complaints, including misconduct reports

The convergence reflects a structural risk in digital policing: systems that centralize records and services also concentrate intelligence value, making police infrastructure intelligence terrain for any capable adversary.



Source

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleNovel OAuth Client ID Spoofing Technique Targets Cloud Environments
Next Article CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV
Team-CWD
  • Website

Related Posts

Cyber Security

New Ransomware Exploits Malicious Driver to Remove Security Protection

July 11, 2026
Cyber Security

GhostApproval Flaw Hits Six Major AI Coding Assistants

July 9, 2026
Cyber Security

How Faster Cyber-Attacks Are Reshaping Cybersecurity Strategy

July 8, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest News

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202523 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views

Why SOC Burnout Can Be Avoided: Practical Steps

November 14, 20259 Views

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

December 1, 20258 Views
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202523 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views
Our Picks

How the always-on generation can level up their cybersecurity game

September 11, 2025

Why that next data breach alert could be a trap

April 18, 2026

In memoriam: David Harley

November 12, 2025

Subscribe to Updates

Get the latest news from cyberwiredaily.com

Facebook X (Twitter) Instagram Pinterest
  • Home
  • Contact
  • Privacy Policy
  • Terms of Use
  • California Consumer Privacy Act (CCPA)
© 2026 All rights reserved.

Type above and press Enter to search. Press Esc to cancel.