As Pakistani hacker group APT36 targets Indian systems, Chandigarh police issue advisory

“Their primary tactics include phishing emails, infected mobile apps, spyware, and embedding hidden malware on educational or research websites to gain unauthorised access to sensitive information,” said a Cyber Crime Cell official.

To safeguard against these threats, individuals are strongly advised to avoid clicking on unknown links or downloading files — especially APK files — from untrusted sources, as these may contain viruses or spyware. Sharing false or unverified news online is not only misleading but also aids cybercriminals by spreading panic. Citizens should refrain from downloading or sharing strange videos, such as the suspicious “Dance of the Hillary,” which may carry harmful content, added a Cyber Crime Cell official.

Authorities have also warned against opening emails with suspicious attachments, like “tasksche.exe,” known to be linked to malware attacks. Individuals must remain cautious of unknown calls or messages, particularly those claiming to be from officials or trusted contacts. Personal details and money should never be shared without thorough verification.

As part of the advisory, the Indian Computer Emergency Response Team (CERT-In) has issued detailed safety measures for organisations. Offices and companies are urged to monitor networks 24×7, enforce two-factor authentication, keep all systems and software updated, train employees to detect phishing attempts, maintain offline data backups, and adopt a zero-trust security model.

Anyone noticing unusual activity or potential breaches should immediately check their systems for Indicators of Compromise (IOCs) and report incidents. Complaints and suspicious activity can be reported via the cybercrime portal (www.cybercrime.gov.in), helpline number (1930), landlines (0172-2970400 / 0172-970600), email (incident@cert-in.org.in), or CERT-In’s toll-free number (1800-11-4949), mentioned the cyber crime officials.