APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities
Summary
APT36 and SideCopy are targeting Indian defense and government entities with cross-platform RAT campaigns. These campaigns use malware families such as Geta RAT, Ares RAT, and DeskRAT to compromise Windows and Linux systems, steal data, and maintain access.
IFF Assessment
The article describes active campaigns deploying RATs, which allow attackers to compromise systems and steal data.
Severity
Defender Context
Defenders should watch for indicators of compromise related to Geta RAT, Ares RAT, and DeskRAT, especially in Indian defense and government networks. Cross-platform attacks are increasingly common, so security measures need to cover both Windows and Linux environments. Defenders must prioritize network segmentation, robust endpoint detection and response (EDR) solutions, and up-to-date threat intelligence.