Post

TAG-140 Deploys DRAT V2 RAT: Targeting Indian Government and Defense Sectors

Discover how the TAG-140 hacking group is using a modified DRAT V2 RAT to target Indian government and defense sectors, posing significant cybersecurity threats.

Posted
By Tom Grant
1 min read
TAG-140 Deploys DRAT V2 RAT: Targeting Indian Government and Defense Sectors

TL;DR

The hacking group TAG-140, linked to Pakistan, has been targeting Indian government and defense organizations using a modified DRAT V2 RAT. This cyber-espionage campaign highlights the evolving threats in the region, emphasizing the need for enhanced cybersecurity measures.

TAG-140 Deploys DRAT V2 RAT: Targeting Indian Government and Defense Sectors

A hacking group with ties to Pakistan has been found targeting Indian government organizations with a modified variant of a remote access trojan (RAT) called DRAT. This activity has been attributed by Recorded Future’s Insikt Group to a threat actor tracked as TAG-140, which overlaps with SideCopy, an adversarial collective assessed to be an operational sub-cluster1.

Key Highlights

  • Threat Actor: TAG-140, linked to Pakistan and overlapping with SideCopy.
  • Target: Indian government, defense, and rail sectors.
  • Malware: Modified DRAT V2 RAT.
  • Impact: Significant cybersecurity threats to critical infrastructure.

Details of the Cyber-Espionage Campaign

The cyber-espionage campaign involves the use of DRAT V2, a sophisticated remote access trojan designed to infiltrate and control targeted systems. This modified variant showcases the evolving tactics of TAG-140, posing a substantial threat to India’s national security2.

Implications for Cybersecurity

This incident underscores the need for robust cybersecurity measures in the Indian government and defense sectors. Organizations must enhance their cyber defenses to counter such advanced persistent threats (APTs).

Conclusion

The deployment of DRAT V2 RAT by TAG-140 highlights the ongoing cybersecurity challenges faced by India. As threat actors continue to evolve their tactics, it is crucial for targeted sectors to stay vigilant and implement proactive cybersecurity strategies to mitigate risks.

Additional Resources

For further insights, check:

References

  1. The Hacker News (2025). “TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors”. The Hacker News. Retrieved 2025-07-07. ↩︎

  2. Recorded Future’s Insikt Group (2025). “DRAT V2 RAT Analysis”. Recorded Future. Retrieved 2025-07-07. ↩︎

Cybersecurity & Data Protection, Cyber Attacks
cybersecurity threat-intelligence rat
This post is licensed under CC BY 4.0 by the author.