NEW research from SentinelOne reveals that cyberespionage groups linked to China and India infiltrated Pakistani law enforcement networks, particularly targeting the Balochistan Police, over a two-year span from February 2024 to April 2026. The attacks, characterized by various malware types including PlugX and Cobalt Strike, aimed at accessing sensitive police data such as biometric databases and case files.
The report suggests that Chinese operatives might be motivated by security concerns for Chinese nationals involved in Belt and Road projects in Pakistan, while India’s involvement aligns with ongoing regional disputes. Malicious files were found disguised as software updates on the police's Complaint Management System, impacting both police and civilians.