Double Action, Triple Infection, and a New RAT: SideCopy’s Persistent Targeting of Indian Defence
A new attack campaign of SideCopy APT has been discovered targeting the Indian Defence sector. The group uses phishing email attachments and URLs to deliver malicious archive files, which deploy two different Action Remote Access Trojan (RAT) payloads and a new .NET-based RAT into the victims’ systems. The campaign came to light after a senior DRDO scientist was arrested for leaking sensitive information to Pakistani agents who had honey-trapped him.
This whitepaper discusses the modus operandi of SideCopy APT in detail, which involves multiple infection chains and uses various decoy themes to lure victims.
In this whitepaper, you will learn about:
The themes of the three infection chains used in the attacks.
Adoption of the honey-trapping method.
Name of the domain from which the infection chains downloaded additional payloads.
Stage-by-stage attack pathways.