India’s government sector is under siege from ingeniously designed cyber campaigns traced back to Pakistan, according to a bombshell report from Zscaler ThreatLabz. Uncovered in September 2025, the two campaigns, ‘Gopher Strike’ and ‘Sheet Attack’, deploy previously undocumented techniques, amplifying risks to critical infrastructure.
Analysts Sudeep Singh and Yin Hong Chang draw parallels to APT36 but lean, with moderate confidence, toward a new or parallel Pakistan-supported group. The finding shows how adversaries adapt and innovate to get into well-defended networks.
‘Sheet Attack’ repurposes Google Sheets, Firebase, and email as covert command-and-control (C2) channels. By operating inside benign services, the attackers blend into normal traffic and persist for long periods, challenging even sophisticated monitoring regimes.
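One way a defender could look for this kind of C2 over legitimate services is sketched below as an added example; it is not code from the Zscaler report or from this article. It flags non-browser processes that poll Google Sheets or Firebase hosts at near-constant intervals. The API hostnames, log fields, process names, and thresholds are assumptions, and the log lines are constructed.

```python
import csv, io, statistics
from collections import defaultdict

# Assumed API hosts for the services the article names (it gives no endpoints).
WATCHED = ("sheets.googleapis.com", "firebaseio.com")
BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe"}  # expected interactive clients

# Constructed proxy log: epoch seconds, workstation, process image, destination host.
SAMPLE_LOG = """ts,host,process,dest
1000,WS-014,updater.exe,sheets.googleapis.com
1010,WS-014,chrome.exe,sheets.googleapis.com
1300,WS-014,updater.exe,sheets.googleapis.com
1601,WS-014,updater.exe,sheets.googleapis.com
1899,WS-014,updater.exe,sheets.googleapis.com
2200,WS-014,updater.exe,sheets.googleapis.com
1000,WS-022,reportgen.exe,example-rtdb.firebaseio.com
1040,WS-022,reportgen.exe,example-rtdb.firebaseio.com
2900,WS-022,reportgen.exe,example-rtdb.firebaseio.com
3000,WS-022,reportgen.exe,example-rtdb.firebaseio.com
7000,WS-022,reportgen.exe,example-rtdb.firebaseio.com
500,WS-031,svc.exe,example-rtdb.firebaseio.com
620,WS-031,svc.exe,example-rtdb.firebaseio.com
740,WS-031,svc.exe,example-rtdb.firebaseio.com
860,WS-031,svc.exe,example-rtdb.firebaseio.com
980,WS-031,svc.exe,example-rtdb.firebaseio.com
"""

def watched(dest):
    # Match the host itself or a subdomain, never a look-alike suffix.
    return any(dest == w or dest.endswith("." + w) for w in WATCHED)

def find_beacons(log_text, min_events=5, max_cv=0.2):
    """Return (host, process, dest) keys where a non-browser process polls a
    watched service at near-constant intervals (low coefficient of variation)."""
    seen = defaultdict(list)
    for row in csv.DictReader(io.StringIO(log_text)):
        dest = row["dest"].strip().lower()
        if watched(dest) and row["process"].lower() not in BROWSERS:
            seen[(row["host"], row["process"], dest)].append(int(row["ts"]))
    hits = []
    for key, times in seen.items():
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        if len(times) < max(min_events, 2) or statistics.mean(gaps) == 0:
            continue
        if statistics.pstdev(gaps) / statistics.mean(gaps) <= max_cv:
            hits.append(key)
    return sorted(hits)
```

On the constructed log, `find_beacons(SAMPLE_LOG)` returns the `updater.exe` and `svc.exe` entries and ignores the irregular `reportgen.exe` traffic. Excluding browsers is a noise-reduction assumption, and the email channel mentioned above is outside what this check covers.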
In contrast, ‘Gopher Strike’ relies on phishing with booby-trapped PDFs: blurred images carry pop-ups that imitate Adobe update prompts. Delivery hinges on server-side checks of the request's origin: only requests from Indian IP addresses with a Windows User-Agent receive the malicious ISO, which keeps the payload away from automated scanning tools.
Such selectivity, per Zscaler, keeps the attack focused on intended victims while shielding it from analysis. Echoing this, findings from earlier in the month detailed a spyware campaign by Pakistani hackers against Indian universities and officials, aimed at stealing secrets.
The takeaways are stark for defenders: embrace behavioral analytics, enforce strict update protocols, and foster public-private cooperation. As cyber skirmishes intensify, India’s resilience will define its stature in a wired world fraught with invisible foes.

