In its espionage strikes against Indian military and diplomatic establishments, a politically motivated advanced persistent threat (APT) group has added a new remote access trojan (RAT) to its malware arsenal.
The implant, dubbed CapraRAT by Trend Micro, is an Android RAT with a high “degree of crossover” with another Windows virus known as CrimsonRAT, which is linked to Earth Karkaddan, a threat actor also known as APT36, Operation C-Major, PROJECTM, Mythic Leopard, and Transparent Tribe.