13-05-2025
Pak hackers step up multi-phase attacks in India
Hyderabad: A sharp escalation in cyber warfare between India and Pakistan unfolded since April, with multiple Indian websites defaced and strategic digital systems attacked in a series of coordinated operations attributed to Pakistan-based hacker groups, including
APT36
and Team Insane to Interpol trainer and cyber forensic expert Pendyala Krishna Shastry, the attacks were part of a broader campaign of cyber and information warfare waged by Pakistani actors against Indian digital assets.
These groups reportedly deployed malware, conducted phishing attacks, and launched denial-of-service operations targeting critical sectors such as finance, telecom, energy, and public a website that tracks defacements, reported incidents involving Indian govt domains. The website of National Institute of Water Sports ( was claimed to be defaced. Another, also experienced a breach, but was restored groups, Hacktivists lead multi-phase assaultThe offensive unfolded in five distinct phases. Initial attacks, which occured between April 23 and April 26, were low-scale defacements by religious hacktivist collectives, while between April 27 and May 2, denial-of-service attacks were launched against e-governance platforms. By May 6, high-skill actors initiated ransomware and data theft in manufacturing and oil and gas May 7 onwards, advanced persistent threat groups like APT36 focused on banking and payment systems, including National Payments Corporation of India (NPCI). APT36, also known as Transparent Tribe, has been active since 2013, using remote access trojans such as Crimson RAT and Capra RAT to infiltrate Indian five, which began on May 13, includes attacks reportedly supported by state actors from China, Turkey, Iran, and North Korea. The Lazarus Group, SideWinder, MuddyWater, and APT28 have been named among key actors using zero-day exploits and supply chain vulnerabilities to target core assets. Shastry underlined the urgency of countering the digital offensive with better cyber hygiene, institutional readiness, and public awareness.
