In a recent cyber campaign attributed to APT36, a known threat actor based in Pakistan, Indian government entities have been targeted through spear-phishing strategies. The malware involved in these attacks is identified as DeskRAT, which is created using the Go programming language and specifically designed for remote access. This aggressive campaign showcases the ongoing threat to critical government infrastructure and the innovative methods employed by cybercriminals to exploit vulnerabilities and gain unauthorized access.
The attacks, observed during August and September 2025 by cybersecurity firm Sekoia, underline the persistent risk posed by APT36, a group that has been active since at least 2013. The sophistication of their methods and persistent targeting of governmental and strategic entities suggest a significant intent behind these operations. The reliance on malware designed for stealth and control, like DeskRAT, reflects an evolved attack strategy and necessitates a heightened posture toward cybersecurity defenses within the targeted sectors.
👉 Pročitaj original: The Hacker News
