The threat actor APT36 targeted Indian government and military organizations with three malicious implants, including CrimsonRAT. APT36 used fake domains that mimicked legitimate government, military, and defense organizations in order to deliver malicious payloads.
- Indian government and military officials
Suspected state sponsor
Type of incident
Victim government reaction