The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Transparent Tribe Evolves Tradecraft With Multi-Stage LNK Malware

Jan 12, 2026 1:55:19 PM / by The Hivemind posted in Threat Bulletin, APT36, Spear Phishing, Remote Access Trojan, cyber espionage, LNK Malware

0 Comments

Verticals Targeted: Government, Academia
Regions Targeted: India
Related Families: None

Executive Summary

APT36, also known as Transparent Tribe, a Pakistan-aligned threat actor, has launched a targeted cyber espionage campaign against Indian governmental, academic, and strategic entities using sophisticated deception techniques. The operation delivers a multi-stage Remote Access Trojan (RAT) through a weaponized LNK file disguised as a PDF, enabling persistent access, surveillance, and data exfiltration with minimal detection risk. The campaign has targeted government, academic, and strategic entities in India.

Read More

Mythic Leopard Uses CapraRAT to Target Indian Government Officials

Feb 22, 2022 3:20:55 PM / by PolySwarm Tech Team posted in Threat Bulletin, Espionage, India, APT36, Android, Pakistan, Mythic Leopard, CapraRAT

0 Comments

PolySwarm Threat Bulletin


Background

Cyble recently released a deep dive analysis of Mythic Leopard espionage activity leveraging CapraRAT Android spyware. This campaign targeted Indian government officials.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More