Operation Hangover: India’s three-year silent cyber war on Pakistan


Cyber analysts in Norway on Tuesday claimed that hackers based in India have been targeting government and military agencies in Pakistan for the last three years and extracting information of national security interest to India.

The “sophisticated” attacks originated from an extensive, “non-state” cyber-attack infrastructure and used decoy links, including those that referred to this year’s beheading incident on the Line of Control (LoC) and rebel movements in the northeast, as bait, Oslo-based Norman Shark group said in a report.

The alleged cyber-attack network — referred to as Operation Hangover in the report — was apparently unearthed as cyber analysts investigated an industrial espionage attack on the Norwegian telecom firm Telenor.

The report did not identify the Pakistani agencies that were targeted but hinted that these included several sensitive military targets that would be of interest to India. The primary goal of the network seemed to have been surveillance against national security interests.

The report said there was no evidence of “state sponsorship” for Operation Hangover. However, the report named several private Indian hacker groups, including those based in New Delhi, as being behind the attack.

The hackers allegedly exploited vulnerabilities in software to plant Trojans in computers across the world, primarily in Pakistan, that then extracted information and sent it back over the Internet.

There were no details yet on how much data might have been leaked, but the report claimed that the network became active in 2010 and peaked last year. Alarmingly, the report said that the group was still active.

“Based on analysis of IP addresses collected from criminal data stores discovered during the investigation, it appears that potential victims have been targeted in over a dozen countries, most heavily represented by Pakistan, Iran, and the United States. Targets include government, military and civilian organisations,” the report said.

The Trojans planted by the network were inadvertently downloaded by users who viewed files or photographs pertaining to Indian military and rebel movements. A Pakistan government site was infected, for example, after a picture of soldiers praying near the Siachen glacier was downloaded, the report claimed.

Another link that was allegedly used for infection was an article and satellite image of the Mendhar area on the LoC that saw heightened tension early in 2013 after the alleged beheading of an Indian soldier by Pakistani army regulars.


  1. Where are Pakistani cyber security groups and why it have not been detected since 3 years Indians keep hacking ?.Pakistani cyber security group should admitted their failure.Pakistan also need cyber crime department to defend sensitive data from such cyber attacks.

  2. This is cyber-terrorism against Pakistan,and Govt of Pakistan ,must raise this with Govt of India

    The reports from Norway described these groups as private

    but my question is “What use this information is for any private group(s).these groups are clearly front for the Indian Govt

    • yea…i m sure the govt of Pakistan would act upon it and the buffoons sitting in the parliament would legislate on this when they are done with deciding weather real academic degrees r needed to be member of the parliament, or not.

    • lol..pakistanis should raise the issue with govt of india!!
      like u pakis ever responded to terrorism issues that we raised..

  3. Re: Operation Hangover

    Google for more
    A few thousand kilometres away in Mumbai, the world’s youngest ethical hacker Shantanu Gawde (now 14) was adviced to learn Chinese by the National Technical Research Organisation chief (name withheld) at the MALCOM conference held at Saki Naka on Friday. The fact was confirmed by the teenager.
    The NTRO chief’s fears are not unfounded. Intelligence and law-enforcement agencies perceive a serious ‘red attack’ by Chinese hackers. Conservative estimates drawn up by MALCOM sources pointed to 5 million bots (computers) being attacked each day. There are more than 8.9 million infected bots each month.

    Jointly developed by the Government of India and ISAC, a non-profit scientific foundation, the National Security Database (NSD) was conceived after the horrific 2008 Mumbai attacks as a proactive action to Identify the most credible and valuable Information Security professionals in India who work to protect the National Critical Infrastructure and cyber space of the country.
    The keynote for NSD will be tentatively addressed by Shri. Sachin Pilot, Hon.Minister of State in the Ministry of Communications and Information Technology. The Inaugural note will be addressed by Shri. Alok Vijayant, Director, NTRO (National Technical Research Organization), Government of India. The NTRO is India’s sole Technical Intelligence (TECHINT) agency. The organization develops technology capabilities in data gathering and processing, cyber security, cryptology systems, strategic hardware and software development and strategic monitoring.
    The event will be followed by malcon which is our partner event in Mumbai. At malcon you’ll witness fresh Information security research presentations, notably the advanced malware for Apple products and Xbox Kinect Malware, both developed by Indian researchers.
    You can find more Information about the event at: malcon.org

Comments are closed.