Updated on 2022-12-29: STEPPY#KAVACH APT
Securonix has a report out on a spear-phishing campaign linked to the STEPPY#KAVACH APT that targeted Indian government officials. Securonix researchers described STEPPY#KAVACH as having “many common TTPs with the SideCopy/APT36 threat actors” that were previously linked to the Pakistan government.
Overview
Indian government officials were targeted in a new phishing campaign, dubbed STEPPY#KAVACH, that was attributed to a threat actor whose tactics overlapped with the SideCopy hacker group. Read more: New STEPPY#KAVACH Attack Campaign Likely Targeting Indian Government: Technical Insights and Detection Using Securonix