APT 36 was found attacking the aerospace, defense, and government sectors of India. Targets generally open a lure on a popular web service such as Discord, Google Drive, Slack, or Telegram, which distributes malware written in a cross-platform programming language such as Golang, Python, or Rust. The emphasis on cross-platform portability is a result of APT 36 placing recent emphasis on gaining access to India’s internally developed Linux-based operating system, MayaOS.