A highly targeted spear phishing campaign attributed with medium-to-high confidence to SideCopy, a Pakistan-linked Advanced Persistent Threat (APT) group operating under the broader Transparent Tribe / APT36 umbrella. According to Seqrite, the campaign surgically targets Afghanistan’s Ministry of Finance (MoF) and all 34 provincial revenue directorates (Mustoufiats), ultimately deploying a customized XenoRAT 1.8.7 implant beaconing to bulletproof European infrastructure. The attack opens […]
The post SideCopy APT Deploys XenoRAT to Target Afghanistan Finance Ministry appeared first on Cyber Security News.