APT36 Targets Indian Entities With ElizaRAT Malware

stcpresearch @ Check Point Research

APT36 Targets Indian Entities With ElizaRAT Malware - 15d

Read more: research.checkpoint.com

APT36, a known advanced persistent threat group, is actively targeting Indian entities with a sophisticated malware called ElizaRAT. This malware is primarily designed for espionage, with a focus on data exfiltration and covert communication. Recent campaigns have shown significant improvements in ElizaRAT’s evasion techniques, making it a potent tool for persistent attacks. The malware leverages cloud-based services for communication and data exfiltration, enabling it to operate stealthily and evade detection. The integration of ApoloStealer into the latest ElizaRAT campaign further enhances its capabilities, allowing the threat actor to steal a wider range of sensitive data.

Original img attribution: https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/429/817/268/821/435/original/2a76697cb0380424.jpg

References:

GBHackers Security - APT36 Hackers Attacking Windows Deevices With ElizaRAT - 15d
@VirusBulletin - Check Point researchers outline the recent evolution of ElizaRAT, a custom implant deployed by Transparent Tribe (aka APT36) in targeted attacks on high-profile entities in India. - 15d
Check Point Research - Check Point researchers outline the recent evolution of ElizaRAT, a custom implant deployed by Transparent Tribe (aka APT36) in targeted attacks on high-profile entities in India. - 15d

Classification:

HashTags: APT36 ElizaRAT Espionage
Company: Schneider Electric
Target: Indian entities
Attacker: APT36
Product: ElizaRAT
Type: Malware
Severity: Major

This site is an experimental news aggregator using feeds I personally follow. You can reach me at Bluesky if you have feedback or comments.

FlagThis

APT36 Targets Indian Entities With ElizaRAT Malware - 15d

References:

Classification: