Tag: apt36

2 Attack Reports | 0 Vulnerabilities

Attack reports

Cloudy With a Chance of RATs: Unveiling APT36 and the Evolution of ElizaRAT

APT36, also known as Transparent Tribe, is a Pakistan-based threat actor targeting Indian government and military entities. Their campaigns utilize ElizaRAT, a Windows Remote Access Tool that has evolved to enhance evasion techniques and C2 communication. Recent campaigns employ cloud services like…
espionage
rat
stealer
transparent tribe
apt36
cloud services
2024-11-04
apolostealer
Published: November 4, 2024
Downloadable IOCs: 23

OSINT Investigation: Hunting Malicious Infrastructure Linked to Transparent Tribe

This investigation tracked infrastructure linked to the APT group Transparent Tribe, identifying 15 malicious hosts on DigitalOcean serving as command-and-control servers for the Mythic exploitation framework. The group employs Linux desktop entry files as an attack vector, targeting individuals in…
linux
india
c2
poseidon
mythic
2024-09-30
apt36
desktop entry
osint
digitalocean
jarm
Published: September 30, 2024
Downloadable IOCs: 19
Click here to see more Attack Reports