Indian defence personnel have been attacked by Android RAT Group since 2021
Malicious Android software has been found targeting Indian defence personnel since, at least, July 2021. Threat actors are utilising a Spymax RAT variant, which is a remote access trojan. Research team could not tie the present attack to a specific nation-state threat group.
Since, at least, July 2021, a malicious Android installation program has been found targeting Indian defence personnel.
The information comes from an external threat landscape management platform Cyfirma report, which the company shared with Infosecurity. Further investigation by the firm found that the threat actors behind the tool were utilising a Spymax RAT variant, which is a remote access trojan.
The research team stated that, based on the data reviewed, they could not tie the present attack to a specific nation-state threat actor group.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.