Tag: poseidon

5 Attack Reports | 0 Vulnerabilities

Attack reports

Indian Infrastructure Targeted with Desktop Lures and Poseidon Backdoor

APT36, a Pakistan-linked threat group, has expanded its operations to target Indian government and civilian infrastructure, including railways, oil & gas, and the Ministry of External Affairs. The group employs sophisticated phishing techniques and novel payload strategies, using .desktop files dis…
phishing
india
poseidon
infrastructure
government impersonation
2025-08-01
poseidon backdoor
mythic framework
desktop lures
Published: August 1, 2025
Downloadable IOCs: 36

AMOS Variant Distributed Via Clickfix In Spectrum-Themed Dynamic Delivery Campaign By Russian Speaking Hackers

A sophisticated campaign using typo-squatted 'Spectrum' domains has been uncovered, spreading a new Atomic macOS Stealer (AMOS) variant. The attack, disguised as a CAPTCHA verification, employs dynamic payloads based on the victim's operating system. For macOS users, a malicious shell script steals…
social engineering
typosquatting
credential theft
clickfix
poseidon
amos
2025-06-04
dynamic payload
spectrum
multi-platform attack
macos stealer
Published: June 4, 2025
Downloadable IOCs: 4

OSINT Investigation: Hunting Malicious Infrastructure Linked to Transparent Tribe

This investigation tracked infrastructure linked to the APT group Transparent Tribe, identifying 15 malicious hosts on DigitalOcean serving as command-and-control servers for the Mythic exploitation framework. The group employs Linux desktop entry files as an attack vector, targeting individuals in…
linux
india
c2
poseidon
mythic
2024-09-30
apt36
desktop entry
osint
digitalocean
jarm
Published: September 30, 2024
Downloadable IOCs: 19

A SOC Team’s Guide to Detecting macOS Atomic Stealers

This article provides an analysis of the Atomic Infostealer malware family, which has been targeting macOS users throughout 2024. It discusses the various evolving variants, such as Amos, Banshee, Cthulu, Poseidon, and RodrigoStealer, developed and distributed by competing threat actor groups. The …
malware
obfuscation
infostealer
macos
crimeware
poseidon
2024-09-13
rodrigostealer
cthulu
amos atomic
banshee
Published: September 13, 2024
Downloadable IOCs: 3

Umbrella of Pakistani Threats: Converging Tactics of Cyber-operations Targeting India

This report examines the convergence of tactics employed by Pakistani cyber threat groups, including Transparent Tribe, SideCopy, and RusticWeb, targeting Indian government entities and critical infrastructure. It uncovers overlaps in their infrastructure, tactics, and payloads, suggesting coordina…
apt
espionage
crimson rat
pakistan
action rat
reverse rat
india
disgomoji
2024-07-29
poseidon
geta rat
Published: July 29, 2024
Downloadable IOCs: 89
Click here to see more Attack Reports