A professional hacking group called Suckfly is targeting India's infrastructure and economic base by zeroing in on individuals and installing tools to access their work networks.
Symantec also managed to uncover the group's attack method: the attackers found an employee at each organization who had a significant online footprint and installed their malware on that employee's system – Symantec reckons a phishing attack was the most likely approach.
The malware then uses known security holes – in this case unpatched Windows flaws – to escalate privileges before posing as that individual to enter their work network.
Several of the domains were registered through a Yandex email address, for example.
The targeting of India's economic and governmental centers could benefit both foreign governments and those looking to make money from commercially sensitive material, so motive is also hard to divine.
Symantec uncovered the attacks only two years after most of them had taken place, and then only after it knew what to look for.