A new malware campaign by Pakistan-linked Transparent Tribe was found targeting Indian government entities with trojanized strains of a 2FA solution, named Kavach. APT-36 has registered several domains spoofing Indian government organization sites to launch credential harvesting and phishing attacks.