"New CapraRAT Android Malware Targets Indian Government and Military Personnel"

APT36, also known as Earth Karkaddan, is a politically motivated Advanced Persistent Threat (APT) group believed to be operational since at least 2013 and composed of threat actors in Pakistan. In 2016, the group was found distributing information-stealing malware through the delivery of phishing emails containing malicious PDF attachments targeting Indian military and government personnel. According to researchers at Trend Micro, the group is using a new Android Remote Access Trojan (RAT) called CapraRAT in its espionage attacks against Indian military and diplomatic entities. The new CapraRAT Android malware appears to have a high degree of crossover with CrimsonRAT, another Windows malware associated with APT36. CapraRAT, which is disguised as a YouTube app, has various data exfiltration functions, including collecting victims' locations, phone logs, and contact information. This article continues to discuss APT36, CapraRAT, CrimsonRAT, and what users should do to protect themselves from such Android RATs. 

THN reports "New CapraRAT Android Malware Targets Indian Government and Military Personnel"