An actor mainly targeting Pakistani military targets, active since at least 2012. We have low confidence that this malware might be authored by an Indian company. To spread the malware, the actor uses custom implementations of exploits for known vulnerabilities (such as CVE-2017-11882) and deploys a PowerShell payload in the final stages.
There are currently no families associated with this actor.
2021-03-04 ⋅ Malpedia ⋅ Malpedia Page for family Sidewinder ⋅ tags: SideWinder
2020-12-09 ⋅ Trend Micro ⋅ SideWinder Leverages South Asian Territorial Issues for Spear Phishing and Mobile Device Attacks ⋅ tags: Meterpreter, SideWinder
2020-12-09 ⋅ AlienVault OTX ⋅ SideWinder APT South Asian Territorial Themed Spear Phishing and Mobile Device Attacks ⋅ tags: SideWinder
2020-01-06 ⋅ Trend Micro ⋅ First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group ⋅ tags: SideWinder
2019-02-26 ⋅ Tencent ⋅ Disclosure of SideWinder APT's attack against South Asia ⋅ tags: SideWinder
2018-07-16 ⋅ Medium Sebdraven ⋅ APT Sidewinder: Tricks powershell, Anti Forensics and execution side loading ⋅ tags: SideWinder
2018-05-23 ⋅ Tencent ⋅ SideWinder "Rattlesnake" APT group (T-APT-04): targeted attack threat against South Asia ⋅ tags: SideWinder
2018-04-12 ⋅ Kaspersky Labs ⋅ APT Trends report Q1 2018 ⋅ tags: SideWinder
2014-08-08 ⋅ FireEye ⋅ Sidewinder Targeted Attack Against Android in the Golden Age of AD Libraries ⋅ tags: SideWinder