Unveiling APT36, Spreading Documents Employs Pahalgam Attack Theme 26 Apr
  • By Gurumoorthi
  • stealer, crimsonRAT, phishing

Since 24 April 2025, we have observed the Pakistan-aligned threat actor known as TransparentTribe (APT36) spreading phishing PPT and PDF files themed on the Pahalgam attack. The phishing PDF indicates that the targets include Indian government personnel as well as ordinary victims. Although the infection chain is simple, the PDF and PPT are convincing lures that prompt the user to click the links, and the embedded login page asks for credentials for ‘gov.in’ and ‘nic.in’ mail IDs.

Multi layers of evasion techniques drops various Remote Access Trojan 26 Apr
  • By Gurumoorthi
  • xwormrat, python_obfuscation, memory_injection

We recently came across a phishing campaign in which the attacker sent an email with an HTML file attached. The infection flow involves multiple layers of evasion techniques; in particular, the author used Kramer, a Python script obfuscator available on GitHub. The campaign poses as a consumer asking for a service and was directed at staff.