India spied on Pakistan and China, says US-based intelligence company

Texas-based Exodus Intelligence believes India used its “zero-day” security vulnerabilities, which hackers can use to attack systems, to spy on Pakistan and China, according to a report published in Forbes.

Exodus Chief Executive Officer (CEO) and co-founder Logan Brown said that after an investigation, he believes India handpicked one of the Windows vulnerabilities from the feed—allowing deep access to Microsoft’s operating system—and Indian government personnel or a contractor adapted it for malicious means.

The Exodus CEO maintained that India was subsequently cut off from buying new zero-day research from his company in April and it has worked with Microsoft to patch the vulnerabilities.

Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign targeting Microsoft Windows PCs at government and telecom entities in China and Pakistan.

Aspects of the code looked like some the Moscow antivirus provider had previously seen and attributed to a company it gave the cryptonym “Moses”.

Beyond the two zero-days already abused, according to Kaspersky, “at least six vulnerabilities” made by Moses have made it out “into the wild” in the last two years. Also according to Kaspersky, another hacking crew known as DarkHotel — believed by some cybersecurity researchers to be sponsored by South Korea — has used Moses’ zero days. South Korea is not a customer of Exodus.

“We are pretty sure India leaked some of our research,” Brown said. “We cut them off and haven’t heard anything since then . . . so the assumption is that we were correct.”