Estimated reading time: 5 minutes
Table of content: Introduction Overview of Threat actor. Infection Chain. Attack tactics & Approach: Impersonating a Fake Company: Phishing Communication: Malicious Software Deployment: Infection Chain Technical Analysis of GrassCall.exe: Analysis of Rhadamanthys malware TTPs: Preventive measures: IoCs & Detections...
Estimated reading time: 3 minutes
Phishing has drastically transformed from its early days as a simple scam targeting unwary email users. Modern phishing techniques—dubbed “Phishing 2.0″—are more complex, highly tailored, and designed to bypass even the most robust security systems. In this blog, we’ll...
Estimated reading time: 3 minutes
We are observing a rise in fake websites offering investment-related services. Many of these impersonate well-known brands by creating replicas of their official websites. Unsuspecting visitors interact with these fake websites, fall victim to scams, and lose large sums...
Estimated reading time: 5 minutes
How To Defend Against Advanced Persistent Threats (APTs): A Comprehensive Approach In today’s time, one of the most formidable threats organizations face today is the Advanced Persistent Threat (APT). These sophisticated, targeted attacks are designed to infiltrate networks, steal...
Estimated reading time: 16 minutes
An open directory hosting malware linked to Transparent Tribe (APT36) has been found by SEQRITE Labs APT team. Further analysis revealed hidden URLs on the same domain containing payloads used by its sub-division APT group SideCopy. Targeting of Indian...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has uncovered a phishing campaign targeting various Indian government personnel since October 2023. We have also identified targeting of both government and private entities in the defence sector over December. New Rust-based payloads and encrypted PowerShell commands have been utilized...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 5 minutes
Threat actors use multiple methods to distribute malware to infect specific targets. Even though various phishing methods are actively used and evolving, an alternative approach to increase their success rate is to call the target corporate companies. Techniques like...
Estimated reading time: 4 minutes
Zloader aka Terdot – a variant of the infamous Zeus banking malware is well known for aggressively using “.xls”, “.xlsx” documents as its initial vector to deliver its payload. Despite this, recently we have come across “.docm” file which...
Estimated reading time: 2 minutes
Whaling attacks are a deadly combination of spear-phishing and social engineering. Like phishing attacks, the attempts of the perpetrators are similar – to get a target to reveal confidential data or even get tricked and send money. But whaling...