Estimated reading time: 20 minutes
An open directory hosting malware linked to Transparent Tribe (APT36) has been found by SEQRITE Labs APT team. Further analysis revealed hidden URLs on the same domain containing payloads used by its sub-division APT group SideCopy. Targeting of Indian...
Estimated reading time: 13 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 4 minutes
Overview A new attack campaign of SideCopy APT has been discovered targeting the Indian Defence sector. The group utilizes phishing email attachments & URLs as the infection vector to download malicious archive files leading to the deployment of two...
Estimated reading time: 3 minutes
The SideCopy APT Group has expanded its activity this year and now targets critical Indian sectors this time. Quick Heal Security Labs researchers have been tracking the notorious cyber-attack group – ‘Transparent Tribe’ since the first SideCopy campaign in...
Estimated reading time: 5 minutes
Introduction: Researchers at Quick Heal Security Labs have uncovered a potential Spear Phishing campaign targeted against Indian Army personnel. In this attack, the attackers are using “Army Welfare Education Society” Scholarship form as lure. About AWES: Army Welfare Education...
Estimated reading time: 2 minutes
Making accurate predictions, especially for cybersecurity needs years of experience — 2020 was a different situation altogether. Amidst many forecasts, no one predicted the onslaught of a global pandemic that would disrupt the world as we know it, baffling...
Estimated reading time: 5 minutes
A few months back, Delphibased malware was being distributed on multiple systems via SMB exploit. The payloads used by this malware have close similarities with open-source Gh0stRAT code. Gh0st has been used by Chinese threat actors to target multiple...
Estimated reading time: 2 minutes
In the current modern era of information warfare, securing military assets has become strategically very important. Recently, Seqrite reported on Operation ‘Honey Trap’, an operation launched by a Pakistan-linked threat actor allegedly, which targeted employees from Indian defence organizations....
Estimated reading time: 3 minutes
An insight into Transparent Tribe’s sub-division which has been incorrectly attributed for years. Introduction Quick Heal’s threat intelligence team recently uncovered evidence of an advanced persistent threat (APT) against Indian defence forces. Our analysis shows that many old campaigns...
Estimated reading time: 5 minutes
From the past few months, we have been monitoring cyber-threats on MSME [Micro, Small and Medium Enterprises] sector within India. MSME sector is considered to be the backbone of the Indian economy. MSME employs around 40% of the country’s...