Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware

The Bitter APT group, active since 2013 and linked to South Asian governments, targeted a Turkish defense sector organization in November 2024. The attack used a decoy file and alternate data streams to deliver WmRAT and MiyaRAT malware, capable of remote access and data theft. Bitter has a history of targeting entities in Asia and deploying Android malware strains, suggesting intelligence collection efforts for a South Asian government.