Tag: SideCopy Exploiting WinRAR Flaw

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

SideCopy, a threat actor with ties to Pakistan, has been seen exploiting the WinRAR security flaw in attacks against Indian government institutions to deliver remote access trojans, including DRat, Ares RAT, and AllaKore RAT. According to enterprise security firm SEQRITE, the campaign is multi-platform and also targets Linux systems with a compatible version of Ares RAT. SideCopy has been known to attack organizations in Afghanistan and India since at least 2019, and it is believed to be a branch of the Transparent Tribe actor group (also known as APT36). SideCopy and APT36 share infrastructure and code in order to aggressively target India, according to a paper released on Monday by SEQRITE researcher Sathwik Ram Prakki.