Pakistan Hackers | Breaking Cybersecurity News | The Hacker News

Category — Pakistan Hackers
Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks

Jun 15, 2024 Cyber Espionage / Malware
A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJI that's written in Golang and is designed to infect Linux systems. "It is a modified version of the public project Discord-C2, which uses the messaging service Discord for command and control (C2), making use of emojis for its C2 communication," it said. It's worth noting that DISGOMOJI is the same "all-in-one" espionage tool that BlackBerry said it discovered as part of an infrastructure analysis in connection with an attack campaign mounted by the Transparent Tribe actor, a Pakistan-nexus hacking crew. The attack chains commence with spear-phishing emails bearing a Golang ELF binary delivered within a ZIP archive file. The binary then downloads a benign lure document wh...
SideCopy Using Action RAT and AllaKore RAT to infiltrate Indian Organizations

May 08, 2023 Cyber Espionage / Threat Intel
The suspected Pakistan-aligned threat actor known as SideCopy has been observed leveraging themes related to the Indian military research organization as part of an ongoing phishing campaign. This involves using a ZIP archive lure pertaining to India's Defence Research and Development Organization (DRDO) to deliver a malicious payload capable of harvesting sensitive information, Fortinet FortiGuard Labs said in a new report. The cyber espionage group, with activity dating back to at least 2019, targets entities that align with Pakistan government interests. It's believed to share overlaps with another Pakistani hacking crew called Transparent Tribe. SideCopy's use of DRDO-related decoys for malware distribution was previously flagged by Cyble and Chinese cybersecurity firm QiAnXin in March 2023, and again by Team Cymru last month. Interestingly, the same attack chains have been observed to load and ex...
How AI Is Transforming IAM and Identity Security

Nov 15, 2024 Machine Learning / Identity Security
In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies that could signal a potential security breach. The focus has expanded beyond merely managing human identities — now, autonomous systems, APIs, and connected devices also fall within the realm of AI-driven IAM, creating a dynamic security ecosystem that adapts and evolves in response to sophisticated cyber threats. The Role of AI and Machine Learning in IAM: AI and machine learning (ML) are creating a more robust, proactive IAM system that continuously learns from the environment to enhance security. Let's explore how AI impacts key IAM components. Intelligent Monitoring and Anomaly Detection: AI enables continuous monitoring of both human and non-human identities, including APIs, service acc...
Pakistani Man Bribed AT&T Insiders to Plant Malware and Unlock 2 Million Phones

Aug 06, 2019
The United States federal government has charged a Pakistani national with bribing employees at AT&T telecommunication company over a period of five years to help unlock more than 2 million phones and plant malware on the company's network. Muhammad Fahd, a 34-year-old man from Pakistan, was arrested in Hong Kong last year in February at the request of the U.S. government and just extradited to the U.S. on Friday, August 2, 2019. According to an indictment unsealed Monday, Fahd recruited and paid AT&T insiders working at a call center in Bothell, Washington, more than $1 million in bribes between 2012 and 2017 to help them unlock cell phones associated with specified IMEI numbers that otherwise were not eligible to be removed from AT&T's network. Some telecommunication companies, including AT&T, Verizon, T-Mobile, and Sprint, sell flagship phones at discounted prices, but they come with locked SIMs that prevent users from switching their network service for any...
Round 4 — Hacker Puts 26 Million New Accounts Up For Sale On Dark Web

Mar 17, 2019
A hacker who was selling details of nearly 890 million online accounts stolen from 32 popular websites in three separate rounds has now put up a fourth batch of millions of records originating from 6 other sites for sale on the dark web. The Hacker News today received a new email from the Pakistani hacker, who goes by the online alias Gnosticplayers and previously claimed to have hacked dozens of popular websites from companies which, according to him, probably had no idea that they were compromised. The hacker last month put three rounds of stolen accounts up for sale on the popular dark web market called Dream Market, posting details of 620 million accounts stolen from 16 websites in the first round, 127 million records from 8 sites in the second, and 92 million from 8 websites in the third. Although, while releasing the third round, Gnosticplayers told The Hacker News that it would be his last batch of the stolen database, the hacker released the fourth round containing nearl...
Snapchat Hack — Hacker Leaked Snapchat Source Code On GitHub

Aug 08, 2018
The source code of the popular social media app Snapchat recently surfaced online after a hacker leaked and posted it on the Microsoft-owned code repository GitHub. A GitHub account under the name Khaled Alshehri with the handle i5xx, who claimed to be from Pakistan, created a GitHub repository called Source-Snapchat with a description "Source Code for SnapChat," publishing the code of what purported to be Snapchat's iOS app. The underlying code could potentially expose the company's extremely confidential information, like the entire design of the hugely-successful messaging app, how the app works and what future features are planned for the app. Snapchat's parent company, Snap Inc., responded to the leak by filing a copyright act request under the Digital Millennium Copyright Act (DMCA), helping it take down the online repository hosting the Snapchat code. SnapChat Hack: GitHub Took Down Repository After DMCA Notice. Though it is not clear...
Pakistani Hacker Arrested for Hacking Telecom Company Database

Apr 06, 2014
Pakistan's Federal Investigation Agency (FIA) has arrested a Pakistani hacker allegedly involved in hacking into a telecom company and uploading its database on his website. With the help of the National Response Center for Cyber Crime (NR3C) of Pakistan's Federal Investigation Agency, the local authorities were able to trace and arrest the hacker suspected of infiltrating the systems of Warid Telecom, an Abu-Dhabi-based telecoms company that provides services in Congo, Pakistan and Uganda. The suspect, Mubashar Shahzad, a resident of Kasur, is believed to have downloaded Warid Telecom's customer information from the company's databases and exposed it online, where it was published on earlysms.com, a site hosted with HosterPK. The investigation started after one of the senior managers of a cellular company filed a complaint saying the 'information of its consumers till 2006 had been exposed over the internet.' "A technical/forensic analysis found that the...
Exclusive - openSUSE Forum Hacked; 79500 Users Data Compromised

Jan 07, 2014
After the Snapchat hack, this could be another of the worst data breaches of the new year. A Pakistani hacker, 'H4x0r HuSsY', has successfully compromised the official forum of 'openSUSE', a Linux distro developed, sponsored & supported by SUSE. The hacker managed to deface the forum and uploaded a custom message page, and the account information of 79,500 registered users may have been compromised. (The forum was defaced at the time of writing.) The forum of the popular website MacRumors was compromised last November using an alleged zero-day exploit targeting vBulletin, a famous forum software. The openSUSE Forum is also based upon vBulletin. Another interesting fact is that openSUSE is still using vBulletin 4.2.1, which is vulnerable to a flaw that allows rogue administrator accounts to be injected, whereas the latest patched vBulletin 5.0.5 is available. Possibly, the hacker exploited the same or another known vBulletin version 4.2.1 vuln...
Pakistan Domain Registrar PKNIC Hacked

Feb 04, 2013
PKNIC, the Pakistan domain registrar for .com.pk, .pk, .org.pk and other domains, was reportedly hacked again yesterday. A hacker group named PakBugs has claimed that it successfully penetrated PKNIC servers and gained control of around 23,000 domains, which included some of the most popular Pakistani media websites. This is not the first time that PKNIC servers have been compromised. Earlier, a Turkish hacker managed to penetrate PKNIC servers and redirected 284 .pk domains. The hacker redirected / defaced many websites by changing the DNS records (DNS spoofing) of the websites that are maintained by PKNIC. However, it took the hacker 5 hours to submit all his defacements to zone-h to make mirrors.
Israeli Bing, MSN, Skype, Live and other Defaced by Pakistani hackers

Nov 19, 2012
While Anonymous declared war on Israeli websites, today another Pakistani hacking group also came forward in support of Gaza by taking down multiple big Israeli sites and defacing all Microsoft-related Israeli domains, including Bing, MSN, Skype, Live and others. The hackers start with "The Notorious Hackers are Back", including 1337, H4x0rL1f3, ZombiE_KsA and Invectus. But we have been in contact with ZombiE_KsA (founder of the PakBug Forum) for the last 2 years, so I asked ZombiE_KsA about his involvement in this hack, and he clearly denied his involvement and said that other Pakistani hackers are using his name without permission in the Israeli deface pages to show his support, "and they copied my index as well," he said. Anyway, the deface page said, "on the behalf of all Pakistani and all Muslims," promising that "your war on Gaza will make you cry blood." Zone-h mirrors of all defaced sites are available here. ...
English Defence League Donors Information Leaked by Hackers

Nov 13, 2012
Three days ago, the "English Defence League" was hacked and defaced by the "ZCompany Hacking Crew". Today the same hacking crew exposed a list of 25 people who gave donations to the EDL. The leaked information includes donors' names, addresses and email addresses, posted in a note. The hackers said, "If you donate to EDL and your name is not in the list, you should not breathe a sigh of relief ZHC will find you and expose you one day." I talked with the hackers to learn the reason for exposing the donor list, and the reply was: "We will expose every person who support racist organisations like EDL". Last Friday the defaced page read, "Fuck Zionist Jews! – Boycot israel! – Fuck the American Government! - Fuck fascist Organizations like EDL". At the time of writing this article, the website of the "English Defence League" (https://www.englishdefenceleague.org/) is giving "403 Forbidden", and the hackers told 'The Hacker News' that...
English Defence League defaced by ZCompany Hacking Crew

Nov 09, 2012
ZCompany Hacking Crew members hacked and defaced the official website of the English Defence League (https://englishdefenceleague.org), a far-right British organization. The deface page includes the text "Fuck Zionist Jews! – Boycot israel! – Fuck the American Government! - Fuck fascist Organizations like EDL" and a screenshot of an email. "EDL admins have been harassing innocent people and stealing money from them to fund their racist adventures," the hackers continue. The hackers are trending the hacking operation as #OPEDL and #OpRacism on Twitter. The message further reads, "Such a shame! EDL admins! as we ZHC said we will always be one step ahead of you. We will chase you, expose your racism and even remove you from the web. We demonstrated it successfully by deleting your facebook page three times. And we have demonstrated it successfully by defacing and exposing your frauds yet again. But the best is yet to come. Yes right, details of supporters and donors of EDL will be made p...
Pakistani hackers deface Indian Southern Railways website

Aug 07, 2012
The website of the Southern Railways (www.southernrailway.gov.in) has been defaced, apparently by Pakistani hackers. The hacker group that calls itself 'Pak Cyber Pyrates' replaced the home page of the website with a page with content that denounces India's role in Kashmir. Indian and Pakistani hacking groups are engaged in a cyber war of sorts, with websites in both countries being regularly attacked and defaced.
The Hackers Conference 2012 Call For Papers #THC2012

May 12, 2012
We are extremely delighted to announce the Call for Papers for The Hackers Conference 2012. It is a unique event, where the elite of the hacker world, leaders in the information security industry and the Internet community meet face to face to join their efforts to cooperate in addressing the most topical issues of the IT world. The conference will be held in New Delhi, India, and aims to bring together industry, government, academia and underground hackers to share knowledge and leading-edge ideas about information security and everything related to it. The following list contains major topics the conference will cover. Please consider submitting even if the subject of your research is not listed here. Topics: Cloud Security; Wireless hacking; GSM/VoIP Security; Smartphone / Mobile Security; Exploit development techniques; Advance in reverse engineering; National Security & Cyber Warfare; New Vulnerabilities and Exploits/0-days; Antivirus/Firewall/UTM Evasion Techniques; New Web ...
North Las Vegas Police Department hacked by ZHC

May 11, 2012
The official website of the North Las Vegas Police Department (NLVPD), https://www.joinnlvpd.com/, was defaced today by ZHC BlackOne HaXor - ZCompany Hacking Crew - [ZHC], with a black deface page and a message displayed on the homepage. The page indicates the cause of the hack: "Stop Nato Attacks on Pakistan!" ZHC is a Pakistani hacking group that has previously defaced thousands of websites in campaigns against India, and this is the second time that the Las Vegas Police Department website has been hacked. A mirror of the hack can be seen here.
Two from Team Poison arrested in MI6 hotline phone hack

Apr 13, 2012
Police in the UK have arrested two teens as part of an investigation into illegal recordings of conversations on Scotland Yard's anti-terror hotline, which were later posted on YouTube. Two teenage boys aged 16 and 17 years have been arrested in the West Midlands in connection with an investigation into reports that hackers accessed Scotland Yard's anti-terror hotline. The hackers claimed to have carried out the cyber-attack in response to the alleged detention of innocent people on terrorism charges and the recent ruling to deport a number of terror suspects to the United States. In the recording of the conversation, two people are heard discussing an earlier alleged attack in which a group calling themselves TeamPoison (TeaMp0isoN) apparently jammed the hotline by bombarding it with calls from computers. "We are confident the communication systems have not been breached and remain, as they always have been, s...
Phone based denial-of-service (DoS) attack on MI6 Anti-terrorism Agency

Apr 12, 2012
The hacking group 'TeaMp0isoN' said they targeted counter-terrorism officers at MI6 with a barrage of phone calls for a period of 24 hours, which meant nobody else could get through. By using a cleverly developed script, the hackers were able to make calls to the agency's offices for 24 hours non-stop, basically launching a phone-based denial-of-service (DoS) attack. "The script is based on the Asterisk software and uses a SIP protocol to phone," TriCk told us. "Every time they picked up the phone the server would play a robot voice which said 'teamp0ison'." The group said the attacks were motivated by the recent decision at the European Court of Human Rights that said Babar Ahmad, Adel Abdel and other suspected terrorists could be extradited to the United States, Huffington Post reported. TriCk also released what he claimed was the audio of the moment he called the number and spoke to MI6 officers perso...
Pakistani Hackers attacks 31 government and 46 educational institutions Websites

Mar 20, 2012
Maharashtra police said the websites of more than 46 educational institutions and 31 government websites based in the district were allegedly hacked by a group reportedly based in Pakistan. KhantastiC, a hacker who claimed to be a part of the Pakistan Net Army (PNA), reported on 'zone-h.net' the number of 'Rajasthan.gov.in' domain websites hacked by him since January 16, 2012. The Muslim Liberation Army (MLA), an obscure group said to be based in Lahore, allegedly hacked into 46 educational institutions' websites. The Cyber Crime Branch has launched investigations after receiving complaints in this regard.
Internet censorship in Pakistan, National Filtering and Blocking System

Feb 26, 2012
A Pakistan government department has called for proposals for the development, deployment and operation of a national level URL Filtering and Blocking System. The proposal request states that each box of the system "should be able to handle a block list of up to 50 million URLs with a processing delay of not more than 1 millisecond." According to a request for proposals from the National ICT (Information and Communications and Technologies) R&D Fund, the Pakistani government is struggling to keep a lid on growing Internet and Web use and is looking for a way to filter out undesirable Web sites. The 'indigenous' filtering system would be 'deployed at IP backbones in major cities, i.e., Karachi, Lahore and Islamabad,' the RFP states. According to a post on EEF, ever since the Pakistan Telecommunication Act, passed in 1996, enacted a prohibition on people from transmitting messages that are " fals...
CPLC Chief says 'Pakistan a safe haven for cyber criminals'

Dec 26, 2011
Cyber crimes of multiple kinds in Pakistan have increased by five times over the past four years. Pakistan Daily Times News reported today that the Citizen Police Liaison Committee (CPLC) Chief, through a letter on Saturday, apprised the Federal Law, Justice & Parliamentary Affairs Minister that in the absence of the Prevention of Electronic Crime Ordinance (PECO) Law 2007, which lapsed in 2010, Pakistan had become a safe haven for cyber criminals and con artists, whereas the law enforcement agencies were unable to take legal action against them. According to the Cyber Crime Unit (CCU), a branch of Pakistan's Federal Investigation Agency (FIA), 62 cases were reported to the unit in 2007 and 287 cases in 2008; the ratio dropped in 2009, but in 2010 more than 312 cases were registered in different categories of cyber crimes. "There are numerous complaints regarding fake calls deceiving citizens into receiving a ...
President of Guyana's Website defaced by Hackers

Dec 12, 2011
The official website of the President of Guyana was defaced by hackers belonging to a group called "The Hackers Army". "To the ignorant observer Israel may appear modern, vigorous and democratic largely thanks to the outrageous bias in Western media and the $$$ whom have become our leaders...now wake up!!!" The Pakistani hacker also blames the UN for creating out of Israel a country comparable to Nazi Germany. Earlier, The Hackers Army hacked lots of high-profile websites, including the ESET antivirus site and many more. The hacker from the group named The Disaster is responsible for the defacements. This is not the first time Tha Disastar has managed to breach the security of a site. Just yesterday he took down one of the websites used by Anonymous to spread their activist messages.