Cisco Talos’ previous research has mainly linked this group to CrimsonRAT, but new campaigns show they are expanding their Windows malware arsenal with ObliqueRAT. While military and defense personnel continue to be the group’s primary targets, Transparent Tribe is increasingly targeting diplomatic entities, defense contractors, research organizations and conference attendees. The variety of maldoc lures the group employs indicates the group still relies on social engineering as a core component of its operations. The attackers use fake domains masquerading as legitimate Indian defense and government-related websites, and malicious domains posing as content-hosting sites.”]
Source: https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html

