APT36 Targets Indian Entities With ElizaRAT Malware

research.checkpoint.com

APT36 Targets Indian Entities With ElizaRAT Malware - 1d

Read more: research.checkpoint.com

APT36, a known advanced persistent threat group, is actively targeting Indian entities with a sophisticated malware called ElizaRAT. This malware is primarily designed for espionage, with a focus on data exfiltration and covert communication. Recent campaigns have shown significant improvements in ElizaRAT’s evasion techniques, making it a potent tool for persistent attacks. The malware leverages cloud-based services for communication and data exfiltration, enabling it to operate stealthily and evade detection. The integration of ApoloStealer into the latest ElizaRAT campaign further enhances its capabilities, allowing the threat actor to steal a wider range of sensitive data.

Original img attribution: https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/429/817/268/821/435/original/2a76697cb0380424.jpg

References:

GBHackers Security - APT36 Hackers Attacking Windows Deevices With ElizaRAT - 1d
@VirusBulletin - Check Point researchers outline the recent evolution of ElizaRAT, a custom implant deployed by Transparent Tribe (aka APT36) in targeted attacks on high-profile entities in India. - 1d
research.checkpoint.com - Check Point researchers outline the recent evolution of ElizaRAT, a custom implant deployed by Transparent Tribe (aka APT36) in targeted attacks on high-profile entities in India. - 1d

Classification:

HashTags: APT36 ElizaRAT Espionage
Company: Schneider Electric
Target: Indian entities
Attacker: APT36
Product: ElizaRAT
Type: Malware
Severity: Major

This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts documented at my website here (https://royans.net/) if you have feedback. You can also find FlagThis at Mastodon.