The new malicious activity of the SideCopy threat actors is the attack campaign STEPPY#KAVACH, which was notably active in 2021 and was originally related to Pakistan. The most recent malicious attack campaign we observed began with infection via a targeted phishing attempt.