Indian Defense Sector and Government Entities Targeted by APT36 and SideCopy

Organizations in the Indian defense sector and government entities have been targeted by several campaigns aimed at compromising Windows and Linux environments with remote access Trojans. These attacks, attributed to the groups APT36 and SideCopy, deploy the malware families Geta RAT, Ares RAT, and DeskRAT. These tools enable the theft of sensitive data and ensure persistent access to infected machines. The campaigns demonstrate a multi-platform capability specifically targeting Indian infrastructure.