APT36 Malware Campaign Using Desktop Entry Files and Google Drive Payload Delivery
released on 2025-08-21 @ 09:05:43 PM
Pakistan-linked APT36 (Transparent Tribe) launched a new cyber-espionage campaign targeting Indian government and defense entities. Active in August 2025, the group used phishing ZIP files containing malicious Linux “.desktop” shortcuts that downloaded payloads from Google Drive.
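A triage check for the delivery chain described above, as an added example that is not part of the original page: it opens a ZIP attachment, parses each `.desktop` member, and flags `Exec` values that start a shell, call a downloader, or reference a Google Drive host. The heuristic lists, function names, and the sample archive are assumptions constructed for illustration, not indicators published for this campaign.

```python
import io
import re
import zipfile

# Heuristic lists are assumptions for illustration, not indicators from the page.
CHECKS = {
    "shell-interpreter": {"sh", "bash", "dash", "zsh"},
    "network-downloader": {"curl", "wget"},
    "google-drive-host": {"drive.google.com", "drive.usercontent.google.com"},
}

def parse_desktop_entry(text):
    """Return the key/value pairs of the [Desktop Entry] group only."""
    entry, in_group = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_group = line == "[Desktop Entry]"
        elif in_group and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            entry[key.strip()] = value.strip()
    return entry

def audit_exec(exec_line):
    """Return the labels of every heuristic that matches a word of the Exec value."""
    words = set(re.findall(r"[A-Za-z0-9_.-]+", exec_line.lower()))
    return [label for label, names in CHECKS.items() if words & names]

def scan_zip(data):
    """Map each .desktop member of a ZIP (given as bytes) to its findings."""
    results = {}
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        for name in archive.namelist():
            if name.lower().endswith(".desktop"):
                text = archive.read(name).decode("utf-8", errors="replace")
                results[name] = audit_exec(parse_desktop_entry(text).get("Exec", ""))
    return results

def build_sample_zip():
    """Constructed sample: one ordinary launcher and one that fetches from Drive."""
    benign = "[Desktop Entry]\nType=Application\nName=Editor\nExec=gedit %U\n"
    suspect = ("[Desktop Entry]\nType=Application\nName=Notice\n"
               "Exec=sh -c 'curl -s https://drive.google.com/PLACEHOLDER'\n")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("editor.desktop", benign)
        archive.writestr("Notice.desktop", suspect)
    return buf.getvalue()
```

Findings are triage signals: legitimate launchers occasionally wrap a shell, so hits should be reviewed rather than treated as a verdict.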