APT Group Linked to New Phishing Campaign Targeting India's Ministry of Defence

Recently, a new phishing campaign has been linked to an advanced persistent threat (APT) group that has a history of targeting India and Afghanistan. The group, identified as SideCopy, has been found to be using this campaign to deliver Action RAT to its targets, with the primary focus being on the Defence Research and Development Organization (DRDO), the research and development wing of India's Ministry of Defence.

Cyble, a cybersecurity company that tracks such activity, has attributed the operation to SideCopy, which is known for emulating the infection chains associated with SideWinder to deliver its own malware. This APT group of Pakistani origin has been active since at least 2019 and shares overlaps with another group known as Transparent Tribe.

The use of phishing campaigns to deliver malware is a common tactic used by APT groups, and SideCopy's latest activity is a reminder of the ongoing threat posed by such actors to critical infrastructure and government entities. The DRDO is responsible for the development of strategic technologies that are crucial to India's defence capabilities, making it a prime target for cyber espionage and theft.

The use of Action RAT, a remote access trojan, allows the attackers to gain unauthorized access to the targeted systems and exfiltrate sensitive information. Such attacks can have severe consequences, including compromising national security and jeopardizing military operations.

It is also important for governments to take action against threat groups like SideCopy, which use cyber-attacks to undermine national security. Cooperation between governments and cybersecurity firms can help to identify and track these groups, and provide the necessary intelligence to prevent future attacks.

To mitigate the risk of such attacks, organizations need to be vigilant and implement robust security measures. This includes conducting regular security audits, implementing multi-factor authentication, and providing cybersecurity training to employees. It is also essential to stay up-to-date with the latest cybersecurity trends and threat intelligence to identify and respond to potential threats proactively.

ANA Cyber Forensic Pvt Ltd is one of the leading Indian cyber security services companies, providing solutions to protect your business from security threats. For more information, call us at +91 – 90110 41569.
