APT36 and SideCopy threat groups have launched coordinated campaigns targeting Indian defense and government-aligned organizations with cross-platform remote access trojans. These attacks compromise both Windows and Linux environments using malware families including Geta RAT, Ares RAT, and DeskRAT, which are designed to steal sensitive data and maintain persistent access to infected systems.

The campaigns show deliberate targeting of critical-infrastructure sectors with malware that runs on more than one operating system. Deploying several RAT families at once suggests a well-resourced operation aimed at establishing long-term footholds in targeted networks for intelligence gathering and potential disruption.

Key Takeaways

  • APT36 and SideCopy threat actors targeting Indian defense and government sectors
  • Cross-platform attacks compromising both Windows and Linux environments
  • Use of multiple RAT families (Geta RAT, Ares RAT, DeskRAT) for data theft and persistence
  • Campaigns focused on establishing long-term access to critical infrastructure

Threat Actors

APT36, SideCopy

Source: The Hacker News