Targeting of Indian two-factor authentication tool Kavach
Date of report
  • February 2023
Pakistani threat actor APT 36 targeted Indian government entities with a spear-phishing campaign that used a new version of ReverseRAT malware. The attacks aimed to compromise Kavach, a two-factor authentication system the Indian government used to secure its systems.
Suspected victims
  • Kavach, a two-factor authentication system used by Indian government agencies
Suspected state sponsor
  • Pakistan
Type of incident
  • Espionage
Target category
  • Government
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response