Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials

A new targeted phishing campaign has focused on Kavach, the two-factor authentication system used by Indian government employees.

Cybersecurity company Securonix named the activity STEPPY#KAVACH and attributed it to the threat actor SideCopy based on tactical similarities to other operations.

In a recent report, Securonix researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov stated that “.LNK files are used to commence code execution which finally downloads and runs a malicious C# payload, which operates as a remote access trojan (RAT)”.

According to reports, the hacking group SideCopy, which has been active since at least 2019, has connections to Transparent Tribe, another actor (aka APT36 or Mythic Leopard).
