Malware-Laced Videos & PDFs Circulating via WhatsApp/Telegram
• Attackers are distributing infected files with names like “Army Intel Brief
2025.pdf”, “Retaliation Plan.exe”, and “Border Incident Footage.mp4,
Dance of Hillary.mp4, Tasksche.exe”. Set GetDownload OFF
• State-Sponsored APTs Targeting India: These aren’t just random pranks—
analysis shows deployment of RATs (Remote Access Trojans) like DarkComet
and Crimson RAT that give attackers complete control of infected systems,
keyloggers, custom payloads.
• Fake News Pages on Facebook & Twitter Distributing Phishing Links
– Several fake pages are mimicking Indian military and news channels,
sharing links to “breaking updates.” These redirect users to credentialstealing login pages or exploit kits that auto-download payloads.
• Credential Harvesting via Spoofed Government Email Addresses
• Pro-Pakistan Hacktivism & Website Defacement
– Hacked sites replaced with propaganda messages.
– Educational institutions, small government portals, news outlets.

• Patch CMS/plugins; monitor for defacement; harden admin access.
– Phishing campaigns using lookalike email domains such as @gov-in.info or @india-defense.in are targeting officials and business executives.
• These emails often include “urgent meeting invites” or “updated strategic plans,” tricking users into handing over credentials or downloading infected ZIP files