Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

China, India hackers weaponized Pakistan police portal to hit civilians, officers

Balochistan Police parade from December 2025. (Balochistan Police)

By Kyle Belmonte

A suspected China-linked threat actor turned a Pakistani police complaint portal used by ordinary citizens into a malware delivery mechanism — one piece of a two-year parallel campaign in which hacking groups tied to both China and India independently infiltrated the same law enforcement force, accessing biometric records, criminal case files, and citizen complaint data across four Pakistani policing institutions, according to a July 9 report by SentinelLABS.

The findings, published by SentinelLABS — the threat research arm of SentinelOne — document four distinct cyberespionage campaigns targeting Pakistani law enforcement between February 2024 and April 2026, deploying four separate malware families or frameworks: PlugX, ShadowPad, Cobalt Strike, and Remcos. All four campaigns converged on Balochistan Police, the principal force serving Pakistan’s largest province by area.

The report, titled One Target, Two Flags, marks the most detailed public accounting of simultaneous, independent nation-state intrusions into a single law enforcement institution, and its implications extend well beyond South Asia: any government agency that consolidates citizen data, biometric records, and public complaint portals into connected web applications has built the same kind of high-value target that drew two rival intelligence services to Balochistan.

Read more at Tech Times

Click to listen highlighted text!