In the wake of escalating cross-border hostilities following the April 22 Pahalgam terror attack, cybersecurity agencies in India have detected an alarming shift in strategy: a digital offensive aimed squarely at civilians. The malware campaign, allegedly linked to Pakistani threat actors, has raised nationwide concerns over the vulnerability of Indian citizens to targeted cyber intrusions.
Officials say the attack, known as the Dance of the Hillary virus, is being spread through platforms like WhatsApp, Facebook, Telegram, and email. It disguises itself as video files or documents, often ending in suspicious extensions like .exe—notably tasksche.exe—and once downloaded, it can gain unauthorized access to mobile devices and computers. The end goal, experts warn, is to siphon off confidential data including financial credentials, government IDs, and communication logs.
Intelligence agencies have declared a high alert and issued public advisories, cautioning against opening unknown attachments, especially during a time of geopolitical instability.
“This is cyber warfare disguised as civilian engagement,” a senior cyber official told reporters.
Malware Deployment Amid Battlefield Retaliation
As India launched precision strikes on terror hubs in Pakistan—including major cities like Islamabad—security officials believe the digital retaliation is meant to inflict economic and psychological damage. The Indian Armed Forces, in response to the Pahalgam massacre, neutralized multiple drone and missile facilities and targeted terror camps. In retaliation, Pakistan’s cyber cells have reportedly activated sleeper agents and automated botnets to spread malware across Indian networks.
The attack appears to be coordinated and aimed at maximizing social disruption. Officials believe it is part of a hybrid warfare strategy that blends traditional military aggression with digital infiltration.
Cyber experts have flagged Dance of the Hillary as a variant of previously known data-stealing trojans, repackaged with deceptive file names and spread using phishing tactics. “What makes it dangerous is its ability to blend into civilian channels of communication and exploit curiosity or emotional responses,” said a CERT-In affiliated analyst.
Urgent Measures and Citizen Guidance
In response, India’s cybersecurity response units, including CERT-In and the Ministry of Electronics and IT, have launched an awareness campaign advising users to avoid downloading suspicious content and refrain from sharing unverified links or media. Citizens are being urged to verify messages before forwarding them and report suspicious activity to cybercrime units.
The advisory also encourages the installation of reliable antivirus software and updating device operating systems to close known vulnerabilities. Meanwhile, state cyber cells have been asked to monitor social media trends for malicious content patterns.
On the diplomatic front, India has lodged a protest and is expected to raise the issue in international cybersecurity forums.
“Targeting civilians through digital means is a violation of global norms,” an official at the Ministry of External Affairs said.