"APT36 State Hackers Infect Android Devices Using YouTube App Clones"

The APT36 hacking group, also known as Transparent Tribe, has been using at least three YouTube-mimicking Android apps to infect devices with their signature Remote Access Trojan (RAT) called CapraRAT. Once the malware has been installed on a victim's device, it can extract data, record audio and video, and access sensitive communication information, functioning as a spyware tool. APT36 is a Pakistan-aligned threat actor notorious for using malicious Android apps to target Indian defense and government entities, those dealing with Kashmir region affairs, and human rights activists. The latest campaign was discovered by SentinelLabs, which warns military and diplomacy organizations in India and Pakistan to be cautious about YouTube Android apps hosted on third-party sites. This article continues to discuss the APT36 hacking group using Android apps that mimic YouTube to infect devices with CapraRAT.

Bleeping Computer reports "APT36 State Hackers Infect Android Devices Using YouTube App Clones"

Submitted by grigby1 CPVI on