Double Action, Triple Infection, and a New RAT: SideCopy’s Persistent Targeting of Indian Defence

A new attack campaign of SideCopy APT has been discovered targeting the Indian Defence sector. The group uses phishing email attachments and URLs to deliver malicious archive files, which deploy two different Action Remote Access Trojan (RAT) payloads and a new .NET-based RAT into the victims’ systems. The campaign came to light after a senior DRDO scientist was arrested for leaking sensitive information to Pakistani agents who had honey-trapped him.

This whitepaper discusses the modus operandi of SideCopy APT in detail, which involves multiple infection chains and uses various decoy themes to lure victims.

In this whitepaper, you will learn about:

  • The themes of the three infection chains used in the attacks.
  • The adoption of the honey-trapping method.
  • The name of the domain from which the infection chains downloaded additional payloads.
  • Stage-by-stage attack pathways.
