Cybercriminals are leveraging India's tax filing season to spread a dual-malware campaign, posing as the Indian Tax Department to deliver two remote access trojans (RATs) through a multi-stage infection chain1. The sophisticated phishing operation begins with fake tax assessment emails that prompt recipients to download a malicious utility disguised as an official ITR tool. This initial download sets off a chain reaction, ultimately granting attackers persistent access to compromised systems. The use of dual RATs allows attackers to maintain control over infected systems, even if one malware variant is detected and removed. This campaign highlights the importance of vigilance during tax filing season, as cybercriminals continue to exploit trusted government brands to trick victims. So what matters to practitioners is that staying informed about emerging threats, such as this dual-malware campaign, is crucial to maintaining effective defenses against cyberattacks.
Cybercriminals exploit India’s tax filing season with a dual-malware campaign
⚡ High Priority
Why This Matters
Security developments continue reshaping the threat landscape — staying informed is the first line of defense.
References
- CSO Online. (2026, July 8). Cybercriminals exploit India’s tax filing season with a dual-malware campaign. CSO Online. https://www.csoonline.com/article/4194440/cybercriminals-exploit-indias-tax-filing-season-with-a-dual-malware-campaign.html
Original Source
CSO Online
Read original →