Pakistan-based hacker groups have expanded their cyber-attack network in India and are now targeting high-profile targets from critical infrastructure PSUs from telecom, power and finance sectors.Initial report surfaced last year Pak based APT targetting India.

The new findings surfacing now that APT ‘Operation SideCopy‘ appears to be a cyber espionage campaign by Pakistan-backed ‘Transparent Tribe‘ group that is now targeting critical infrastructure PSUs in India.

Further investigation of the IP, using data from whatismyipaddress.com, revealed that the provider of that IP address is Pakistan Telecommunication Company Limited.

This is likely only a subset of targets since there are several other C2 servers being used in ‘Operation SideCopy APT’, which are probably targeting other entities.The malicious actors have enhanced the attack tools and methods, as compared to last year, to make detection difficult.

This attack group is well funded and is actively improving its attack mechanisms to infiltrate the target entities. The group can potentially steal critical intel from the government agencies and their subsequent bodies.