A team of hackers linked with the Indian army had been using Mobile surveillance tools to spy on sensitive targets inside Pakistan and Kashmir, a San Francisco-based cybersecurity company, Lookout, has claimed.
The hacker group is called Confucius that is known for commandeering legitimate applications and web services in South Asia and integrating surveillance tools and malware inside the apps and services for spying.
According to Lookout’s report, between 2017 and 2020, Confucius had targeted officials of Pakistan’s armed forces, Pakistan Nuclear Regulatory Authority, and Pakistan Atomic Energy Commission on numerous occasions.
The hacker group used to trick victims into installing knock-off web applications disguised as security tools and applications. After that, they penetrated the victims’ devices and extracted the data including recorded phone calls, call logs, contacts, geolocation, images, and voice notes.
Their technique is to trick their victims into installing knock-off applications that are disguised as tools for safety and security. Once it is installed, they penetrate the device and extract the sensitive data. The data they have extracted is usually, call recordings, call logs, location, images, contacts, and even voice notes of the officials.
As per Lookout’s report, 156 high-profile Pakistani officials’ data has been compromised and it is stored on servers. Lookout gained access to the comparatively unsecured servers and found that the people who access the server are located in the North of India.