Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan’s Ministry of Finance with an open-source remote access trojan called Xeno RAT.
“The campaign opens with a spear phishing delivery – a ZIP archive containing a malicious LNK file bearing a carefully crafted Pashto-language filename,” Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan’s Ministry of Finance with an open-source remote access trojan called Xeno RAT.
“The campaign opens with a spear phishing delivery – a ZIP archive containing a malicious LNK file bearing a carefully crafted Pashto-language filename,” The Hacker News