The group also targeted people related to sensitive departments and even election officials in Jammu and Kashmir
A US-based cybersecurity company Lookout has found two Android-based platforms from India that have been spying on Pakistani military personnel. Malware Hornbill and SunBird, which were used first in 2013 by a group called Confucius, were “a state-sponsored, pro-India actor primarily pursuing Pakistani and other South Asian targets.”
As per the report, the targets included Pakistani military personnel, as well as nuclear authorities trying to extract sensitive information through text messages and geo-locations. The targets also included election officials in the Indian Occupied Jammu and Kashmir.
“Targets of these tools include personnel linked to Pakistan’s military, nuclear authorities, and Indian election officials in Kashmir,” the statement said. “Hornbill and SunBird have sophisticated capabilities to exfiltrate SMS, encrypted messaging app content, and geolocation, among other types of sensitive information,” it added.
The statement also points out that the two malware evolved into commercial android surveillance tools, seemingly derived from the same code as an earlier surveillance product called MobileSpy. Some major targets included an ”individual who applied for a position at the Pakistan Atomic Energy Commission, individuals with numerous contacts in the Pakistan Air Force (PAF), as well as officers responsible for electoral rolls (Booth Level Officers) located in the Pulwama district of Kashmir”, the analysis found.
“The data included information on victims in Europe and the United States, some of which appear to be targets of spouse ware or stalkerware. It also included data on Pakistani nationals in Pakistan, India, and the United Arab Emirates that we believe may be targeted by Confucius APT campaigns between 2018 and 2019,” the detailed report added.
This clearly shows that Indian governments have been involved has been spying into Pakistan using cellular technology. At the same time, the Indian government used its now exposed fake news nexus it ran from Europe. It is high time that the international community steps up and stops India from such actions.