• First known sample

  • Discovery

  • Current status

  • Type

  • Targeted platforms

    Android , Windows
  • TOP targeted countries

    Afghanistan , India , Pakistan
  • The way of propagation

    USB drives , Malicious documents spread via spear-phishing , Mobile applications
  • Purpose/Functions

    Cyberespionage , Data theft
  • Special features

    Transparent Tribe has two modules that are capable of stealing files from removable drives—USB Driver and USB Worm. In 2020, the APT group was seen taking advantage of a COVID-19 tracking app to target Indian government and military personnel.

  • Targets

    Government entities , Military
  • Description

    This highly prolific cyberespionage group, also known as ProjectM and Mythic Leopard, has been active since at least 2013 and typically targets Indian military and government personnel.  Their main malware is a custom .NET RAT known publicly as Crimson RAT, which is spread via malicious documents with an embedded macro, but they’ve begun using other custom malware. Their sophistication has grown this past year, as well as their focus on Afghanistan.

    Additional information