.png){kind=logo}
Indian authorities have been warned about a high-tech cyber-espionage operation led by a Pakistan-affiliated hacker group. The group named Transparent Tribe is targeting military and government systems. According to an intelligence report shared with the Ministry of Home Affairs (MHA), the attack involved a next-generation spyware, DeskRAT.
The report states that, starting in 2025, Transparent Tribe has advanced its methods, going from public cloud platforms such as Google Drive to private servers. This has made it increasingly difficult for Indian cybersecurity teams to detect and mitigate attempts.
DeskRAT was created specifically to infiltrate BOSS Linux systems predominantly used within government offices. Hence, it allows hackers to track, steal, and otherwise transmit sensitive files undetected. Sources have also found that ‘the latest attacks are faster, harder to detect than before, and stealthier.’
Sources indicate that the hackers are leveraging ongoing tensions in Ladakh, attempting to access intelligence related to China’s military movements. Officials are being targeted with sophisticated phishing campaigns disguised as official notices, intelligence briefings, or ZIP attachments. These are often timed with real-world security alerts or border incidents to increase the likelihood of compromise.
The report warns that Transparent Tribe is incorporating artificial intelligence and large language models (LLMs) to quickly create new malware variants. This rapid adaptation allows their attacks to outpace traditional cybersecurity defenses. Experts stress that only automated, real-time threat detection systems can effectively counter these adaptive threats designed for long-term espionage.
Transparent Tribe has previously been linked to Crimson RAT campaigns, using phishing documents disguised as security briefings. During the April 2025 Pahalgam terror incident, the group reportedly circulated fake government messages to lure officials into opening malicious attachments.
In response to the latest threat, the MHA has instructed all ministries and defence units to heighten cyber vigilance and strengthen security protocols, emphasizing that these cyber-attacks are a national security priority.
Also Read: India Adopts Hands-Off AI Governance to Boost Innovation
This warning highlights the increasing sophistication of state-sponsored cyber-espionage actors, who are using AI and LLMs to produce adaptive malware. It also outlines the need for India to prioritize real-time automated threat detection. The nation should also step up the continuous monitoring of government and defence networks to protect sensitive information from emerging cyber threats.
