SideCopy Leverages Multi-platform RAT, Assaults Indian Government Entities

Threat Level
Attack Report

Summary

SideCopy, a threat actor linked to Pakistan, is exploiting CVE-2023-38831, a vulnerability in WinRAR, to target Indian government agencies. The vulnerability is used to distribute various trojans that give attackers remote access to compromised systems. The latest campaign is multi-platform and includes attacks designed to use Ares RAT to infiltrate Linux computers.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.