BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

India Defense Sector Targeted by Pakistan-Linked RAT Campaigns

Pakistan-linked hackers deploy advanced malware in cyber espionage attacks on Indian defense targets.

  • Indian defense and government organizations have been targeted by sophisticated cyber espionage campaigns since at least February 2026.
  • Pakistan-aligned threat groups SideCopy and APT36 are deploying malware like Geta RAT, Ares RAT, and DeskRAT to steal data and maintain persistent access.
  • The attacks employ phishing emails with malicious links to deploy multi-stage payloads on both Windows and Linux systems.
  • These campaigns focus on stealth and long-term access by using memory-resident techniques and trusted regional infrastructure.

In a cybersecurity development of significant regional concern, India’s defense sector and government-aligned organizations have been subjected to a wave of espionage campaigns using advanced remote access trojans designed for long-term data theft. These operations, occurring as recent as February 2026, are attributed to sophisticated threat actors with suspected ties to Pakistan.

- Advertisement -

According to a report by Aryaka Vice President Aditya K. Sood, the threat groups Transparent Tribe (APT36) and its subdivision SideCopy are refining their espionage approach without major reinvention. “They are refining it,” Sood noted, emphasizing the actors’ focus on operational stealth and cross-platform capability.

Consequently, their methods leverage initial phishing emails that deliver malicious attachments like Windows shortcuts and PowerPoint Add-Ins. These then trigger multi-stage infection chains that deploy the final malware payloads, a tactic detailed by researcher Sathwik Ram Prakki on social media.

The primary malware includes Geta RAT for Windows, which can harvest credentials, capture screenshots, and exfiltrate data from USB devices. Meanwhile, a Linux variant uses a Go binary to drop a Python-based Ares RAT with similar post-compromise capabilities.

Another campaign, documented by Sekoia and QiAnXin XLab earlier, delivers a Golang malware called DeskRAT via rogue PowerPoint files. This persistent focus underscores an evolving toolkit for high-value targets within India’s strategic and critical infrastructure sectors.

- Advertisement -

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Cambridge: Ethereum Energy Intensity Low, Overall Use High

Ethereum consumes roughly 7.87 GWh annually, the second-lowest energy intensity per market value among...

Saylor and Back oppose BIP-110 fork over Bitcoin security fears

Michael Saylor and Adam Back have publicly opposed BIP-110, a temporary Bitcoin fork proposal...

China, India groups target Pakistani police in cyber espionage

Suspected China- and India-aligned threat actors targeted Pakistani law enforcement in a sustained cyber...

AMD Stock Dips 10% Amid AI Volatility Ahead of Q3 Earnings

AMD stock fell nearly 10% from $580 on June 30 to roughly $516 by...

Bitcoin Creator Back Warns BIP-110 Data Limit Could Split Network

Adam Back said Bitcoin has "robustly rejected" BIP-110, arguing the proposal conflicts with the...

Must Read

What Are Anonymous Debit Cards And How Do They Work?

You've heard about anonymous debit cards, but what are they really? Anonymous Debit Cards are cards that let you make purchases without revealing your...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading