Pakistan's DeskRAT Spyware: How Regional Crises Fuel Cyber Attacks on India

Indian intelligence agencies have detected a sophisticated cyber espionage campaign targeting government and military systems. Pakistan-based hacking group Transparent Tribe is using DeskRAT spyware that specifically targets Boss Linux operating systems used in Indian offices. The hackers strategically time their attacks during regional crises when security agencies are under maximum stress. This stealthy spyware remains undetected for weeks while monitoring systems and extracting sensitive operational documents.

Key Points: Pakistan Transparent Tribe DeskRAT Spyware Targets Indian Systems

  • Hackers target Indian systems during regional crises like Sri Lanka protests
  • DeskRAT spyware specifically targets Boss Linux government systems
  • Transparent Tribe group sends urgent emails with malicious attachments
  • Spyware remains undetected for weeks while extracting sensitive documents

Pakistan targets systems amid regional crises; Indian agencies smell a 'DeskRAT'


"The most lethal aspect of DeskRAT is that it is not designed to crash a system, but to monitor it." - Intelligence Officer

New Delhi, Nov 8

At the start of 2025, following a high-level meeting in the national capital, Indian intelligence agencies had signalled that, going forward, New Delhi's major concern on the security front would be cybercrime. While cybercrime has always been a threat to the security of the nation, the agencies have smelt a DeskRAT and have been picking up a new trend.

Hackers from Pakistan, China and other countries have ramped up operations and have been targeting both financial institutions and the military. This is part of the psy-ops that Pakistan has launched, and the larger aim is to embarrass the military and hurt the Indian economy.

The Indian agencies have been picking up a new trend in the manner in which these criminals have been operating.

The change in trend was noticed when the protests broke out in Sri Lanka. When a neighbouring nation is in trouble, there is always a high alert. The stress the security agencies go through at that time is what the hackers are taking advantage of. At such a time, the hackers are aware that some officers can make a mistake by opening emails that are marked 'urgent'.

These emails marked 'urgent' contain files which, once opened, can take over the system. Once these attachments are opened, the hackers get to withdraw operational documents and strategic plans. There are times when such spyware sits in the system for weeks. Until it is detected, the hackers have complete access to the system.

The same modus operandi was used when protests broke out in Bangladesh and then Nepal. Investigations revealed that these operations are carried out using a spyware called DeskRAT. Further, the recent incidents have been traced to a Pakistan-based group called Transparent Tribe.

The spyware has been designed in such a way that it specifically targets the Boss Linux systems. These operating systems are widely used in Indian government offices. Further, the spyware operates with stealth, making detection very difficult. Until it is detected, it browses government documents, extracts sensitive information and also monitors activity.

Even in the aftermath of the Pahalgam terror attack, this group was very active. It sent out emotionally charged mails and messages to government officials. Many opened these attachments, following which the hacking group gained access to their systems.

Several agencies are working overtime to find a solution to this latest spyware. An officer explained that the most lethal aspect of this spyware, DeskRAT, is that it is not designed to crash a system, but to monitor it. This makes detection extremely challenging, and hence the spyware remains in the system for longer durations. This indicates that the hacking group is focussed not on disruption, but on long-term spying.

Intelligence officials say that DeskRAT is one of the most lethal pieces of spyware to have been introduced into Indian systems in a long time. Its sophistication is what makes it hard to detect. Without anyone getting wind of its existence, it manages to do the damage. It collects information and also disrupts communication channels within the military and other government offices.

This group gets active at a time when there are disturbances in India's neighbourhood or within the country. There is a lot of stress to ensure that such violence does not spill over into India. This is the time the hackers strike, taking advantage of the stress within the system. Transparent Tribe had deployed DeskRAT into the Indian systems even when protests had broken out in Ladakh recently.

- IANS

Reader Comments

Priya S
The timing of these attacks during regional crises shows how calculated these operations are. Our agencies need to be two steps ahead. Hope they develop countermeasures soon! 🙏
Rohit P
Why are we still using Boss Linux if it's so vulnerable? Shouldn't we migrate to more secure systems? This feels like basic cybersecurity hygiene that's being ignored. 😕
Sarah B
As someone working in IT security, I can say DeskRAT sounds sophisticated. The fact that it focuses on long-term monitoring rather than disruption makes it particularly dangerous. Regular security audits are crucial.
Vikram M
This is a wake-up call for digital India. We're becoming increasingly dependent on technology but our security measures aren't keeping pace. Jai Hind! 🚨
Michael C
While I understand the concern about foreign threats, we also need better internal protocols. Government employees should receive mandatory cybersecurity training - many breaches happen due to human error.
Ananya R
The pattern is clear - they strike when we're distracted by regional issues. Our intelligence agencies need to anticipate these moves and strengthen defenses proactively. Proud of our cyber warriors working overtime! 💪
