Suspected Pakistani advanced persistent threat operation Transparent Tribe, also known as APT36, Mythic Leopard, and Operation C-Major, has leveraged trojanized messaging apps MeetUp and MeetsApp to facilitate distribution of the CapraRAT backdoor to Android device users in India and Pakistan, The Hacker News reports.
Individuals targeted by the ongoing cyberespionage campaign have been lured to download the CapraRAT malware-laced messaging apps from fraudulent websites via a honeytrap romance scam, according to an ESET report.
CapraRAT, which was found to have similarities with the CrimsonRAT Windows malware, features screenshot and photo capture, phone call and audio recording, and data exfiltration capabilities.
Prior to the ongoing cyberespionage campaign, Transparent Tribe was noted to be involved in malicious Kavach two-factor authentication tool attacks against Indian government entities.
Indian government organizations were also noted by ThreatMon to have recently been subjected to a spear-phishing campaign by SideCopy attackers aimed at distributing an updated ReverseRAT backdoor.
Application security, Malware, Vulnerability Management
Trojanized messaging apps used for CapraRAT deployment