Government and telecom entities in China and Pakistan were targeted as part of cyberespionage campaign led by the Indian government according to a report by Forbes. The campaign using zero day vulnerabilities sold to it by Exodus Intelligence, a zero day exploit broker, based in Austin Texas, ran from June 2020 to April 2021 following which Exodus says it 'cut off' India from buying its zero day exploit research. Zero day exploit brokers are companies that sell information about crucial software vulnerabilities and software which could exploit them. In this case, Exodus told Forbes, it provided India with information about the vulnerability which was later adapted and exploited by an Indian government official or contractor. The development comes amidst calls for a moratorium on spyware applications, after a consortium of international news organisations published a revelatory series of stories in July on the use of the NSO-group made Pegasus spyware to spy on opposition leaders, activists, journalists, and others by multiple governments. While the software may not have been a spyware, whistleblower Snowden had said in an interview that the consortium’s findings illustrated how commercial malware or malicious software had made it possible for repressive regimes to place vastly more people under the most invasive types of surveillance. According to the report, in this case, the exploit allowed deep access into Microsoft PCs to the attackers for nearly a year. What did India do? According to the report,the campaign targeted Microsoft PCs in government and telecom units in China and…
