Estimated reading time: 6 minutes
Seqrite Labs APT team has discovered “Pahalgam Terror Attack” themed documents being used by the Pakistan-linked APT group Transparent Tribe (APT36) to target Indian Government and Defense personnel. The campaign involves both credential phishing and deployment of malicious payloads,...
Estimated reading time: 13 minutes
Seqrite Labs APT team has uncovered new tactics of Pakistan-linked SideCopy APT deployed since the last week of December 2024. The group has expanded its scope of targeting beyond Indian government, defence, maritime sectors, and university students to now...
Estimated reading time: 8 minutes
Kimsuky: A Continuous Threat to South Korea with Deceptive Tactics Contents Introduction Infection Chain Initial Findings Campaign 1 Looking into PDF document. Campaign 2 Looking into PDF document. Technical Analysis Campaign 1 & 2 Conclusion Seqrite Protection MITRE ATT&CK...Estimated reading time: 10 minutes
Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs. Contents Introduction Key Targets Industries Affected Geographical Focus Infection Chain Initial Findings Looking into the decoy-document Technical Analysis Stage 1 – Malicious RAR File Stage 2 –...Estimated reading time: 10 minutes
Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations Contents Key Targets Industries Affected Geographical Focus Infection Chain Initial Findings Campaign 1 Looking into the malicious email Looking into decoy document. Campaign 2 Looking into the malicious...
Estimated reading time: 16 minutes
An open directory hosting malware linked to Transparent Tribe (APT36) has been found by SEQRITE Labs APT team. Further analysis revealed hidden URLs on the same domain containing payloads used by its sub-division APT group SideCopy. Targeting of Indian...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 3 minutes
Overview A new attack campaign of SideCopy APT has been discovered targeting the Indian Defence sector. The group utilizes phishing email attachments & URLs as the infection vector to download malicious archive files leading to the deployment of two...
Estimated reading time: 3 minutes
The SideCopy APT Group has expanded its activity this year and now targets critical Indian sectors this time. Quick Heal Security Labs researchers have been tracking the notorious cyber-attack group – ‘Transparent Tribe’ since the first SideCopy campaign in...
Estimated reading time: 4 minutes
Introduction: Researchers at Quick Heal Security Labs have uncovered a potential Spear Phishing campaign targeted against Indian Army personnel. In this attack, the attackers are using “Army Welfare Education Society” Scholarship form as lure. About AWES: Army Welfare Education...