Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials
23-Dec-22
A new, specifically targeted phishing campaign has focused on the Kavach two-factor authentication system, which is utilised by Indian government employees. The activity was called STEPPY#KAVACH by the cybersecurity company Securonix, which attributed it to the threat actor SideCopy based on tactical similarities to other operations.
In a recent report, Securonix researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov stated that “.LNK files are used to commence code execution which finally downloads and runs a malicious C# payload, which operates as a remote access trojan (RAT)”.
