According to two anti-virus firms, Pakistani government agencies have been targeted by spear-phishing attacks.
While the Syrian Electronic Army gets all the publicity and the US-China hacking campaigns are now well known, India and Pakistan quietly have their own thing going on. According to two anti-virus firms, ESET and Symantec, Pakistani government agencies have been targeted by spear-phishing attacks—fraudulent emails that trick people into giving up sensitive information—from India for at least two and as long as four years.
Targets receive an email with attached Microsoft Word or pdf documents, with names like pakistandefencetoindiantopmiltrysecreat.pdf (Pakistan defense to Indian top military secret) and pakterrisiomforindian.pdf (Pak terrorism for Indian). The contents of the documents supposedly outline ”India’s ambitious defense policy” and its plans to “fight China and Pakistan at the same time.” Despite the far-fetched nature of the latter scenario, enough people opened the files, which contained malicious code that installed itself on their machines. More baffling yet, they were impressed enough to forward the files on to other hapless victims.