"SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities"
SideCopy, a Pakistan-linked threat actor, has been using the recent WinRAR security vulnerability in its attacks against Indian government entities to deliver various Remote Access Trojans (RATs) such as AllaKore RAT, Ares RAT, and DRat. The enterprise security company SEQRITE describes the campaign as multi-platform. The attacks are also designed to infiltrate Linux systems with a compatible version of Ares RAT. SideCopy has been active since at least 2019, and is known for its attacks on Indian and Afghan entities.