
Cybercriminals exploit India’s tax filing season with a dual-malware campaign
Cybercriminals are exploiting India’s tax filing season with a new malware campaign that refuses to put all its eggs in one basket.
Researchers at Cyderes have uncovered a sophisticated phishing operation that poses as the Indian Tax Department to deliver two remote access trojans (RATs) through a multi-stage infection chain, giving attackers persistent access to compromised systems.
Indians receive fake tax assessment emails that pressure them into downloading what appears to be an official ITR utility. But the convincing government branding hides a carefully engineered infection sequence that abuses legitimate Windows binaries, DLL side-loading, in-memory execution, and process injection t...