APT gang 'Sidewinder' goes on two-year attack spree across Asia
2022-05-12 08:04

The advanced persistent threat gang known as SideWinder has gone on an attack spree in the last two years, conducting almost 1,000 raids and deploying increasingly sophisticated attack methods.

Noushin Shabab, a senior security researcher on Kaspersky's global research and analysis team, today told the Black Hat Asia conference that SideWinder mostly targets military and law enforcement agencies in Pakistan, Bangladesh and other South Asian nations.

The gang has previously been associated with Indian actors, but Shabab said previous indicators that led to that attribution have disappeared - she was not confident tying the group to any nation.

The group uses a four-stage process to attack targets. The file types mentioned are usually the first step, as they deploy scripts that contact a network of servers hosted at over 400 domains.

Happily, defending against the group's activities starts with basic tactics such as keeping software patched, as SideWinder targets unpatched productivity software.

Patching efforts may not defeat all comers - Shabab said SideWinder has been so successful it has inspired an imitator named SideCopy that uses some of its techniques and code.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/05/12/sidewinder_apt_attack_spree/