Pak cyber security firm accused of stealing Indian defense data

In what must come as disturbing news to India, a Pakistani cyber security firm called Tranchulas has allegedly been stealing data from our government and defense establishments. What makes it even worse is that this has apparently been going on for two years. The word comes from FireEye, a US-based company which specializes in IT security.

As if it wasn’t bad enough that the US’ NSA is already nose deep in countrywide spying activities with regards to India, according to whistleblower Edward Snowden. Tranchulas has previously boasted about helping the Pakistani government in cyber warfare. But it has refused to confirm or deny its involvement in the latest online spying accusations.

Stock Image

While responding to Economic Times, the Pakistani firm claimed to have no idea as to what fueled FireEye intentions behind the revelation. The latter alleges that the former flooded the inboxes of officials with emails containing misleading content like ‘Sarabjit Singh’ and ‘Salary hikes for government employees’ in the subject line.

These mails carried malware in the form of attachments. Upon being opened, they would infect the computer systems in question, gather information and send it back to the attacker. FireEye may have made the link to Pakistan being the source of the trouble owing to some code in the malicious software which had the name of Tranchulas employee, Umair Aziz.

Also see: Banking frauds, spamming, hacking lead to 40 percent hike in cyber crimes in India

The malware has been alive since 2013 and was implanted with false clues tying it to the Cert-In (Indian computer emergency response team) after FireEye brought up the issue with Tranchulas. Meanwhile, the Indian government says that this continuing threat does not exist, while an unnamed official contrarily claims the attackers cannot be traced.

This is because online fraudsters launch trouble via proxy servers. Tranchulas is thought to have engaged VPSNOC, a Pakistani provider which used US hosting services, to execute its cyber spying activities. But the firm insists that it only offers strategic cyber warfare and cyber defense services to select customers.