SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT

Posted: Sat Dec 14, 2024 3:51 pm
by Shane1145
SideCopy, the Pakistan-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities for delivering multiple RATs (Remote Access Trojans) like AllaKore RAT, Ares RAT, and DRat.

The threat actor has been observed to have conducted concurrent campaigns every month, according to reports. Recent campaigns showed that there were additional stages of exploitation used, which involved a .NET-based RAT called “Double Action RAT.”


https://cybersecuritynews.com/sidecopy-winrar-zero-day/