Recent cyberattacks by Pakistan-linked advanced persistent threat (APT) groups like SideCopy and Transparent Tribe (APT36) have intensified against Indian government entities. Seqrite Labs discovered multiple campaigns deploying malware such as AllaKore RAT and Crimson RAT, often using compromised domains and spear-phishing emails with malicious attachments. The analysis establishes connections between the APT groups based on their infrastructure, code overlaps, and targeting, highlighting the persistent threats faced by Indian organizations.

Author: AlienVault
Related Tags:
Eliza RAT
Capra RAT
Margulas RAT
Reverse RAT
Action RAT – S1028
T1584.001
T1218.005
T1074.001
T1588.002
Associated Indicators:


