A threat actor with ties to Pakistan has been observed targeting various sectors in India with various remote access trojans like Xeno RAT, Spark RAT, and a previously undocumented malware family called CurlBack RAT. The activity, detected by SEQRITE in December 2024, targeted Indian entities under railway, oil and gas, and external affairs ministries, marking an expansion of the hacking crew's
![]()
source https://thehackernews.com/2025/04/pakistan-linked-hackers-expand-targets.html
source https://thehackernews.com/2025/04/pakistan-linked-hackers-expand-targets.html