Operation ShadowCat: Targeting Indian Political Observers via a Stealthy RAT
Operation ShadowCat is a sophisticated cyberattack campaign targeting individuals interested in Indian political affairs. It relies on deceptive techniques to deliver a powerful Remote Access Trojan (RAT) written in Go. The attack uses a malicious shortcut file to start a multi-stage infection process involving PowerShell commands, steganographic images, and advanced payload injection methods. The RAT enables extensive control over compromised machines and supports malicious activities such as ransomware, lateral movement, and data exfiltration. Although the campaign is complex, mitigation measures include caution with email attachments, network monitoring, whitelisting, and robust antivirus solutions.