Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries
2023-02-16 18:16

The prolific SideWinder group has been identified as the nation-state actor behind attempted attacks against 61 entities in Afghanistan, Bhutan, Myanmar, Nepal, and Sri Lanka between June and November 2021.

The group has been linked to no fewer than 1,000 attacks against government organizations in the Asia-Pacific region since April 2020, according to a report from a Russian cybersecurity firm early last year.

The Singapore-headquartered company further said it uncovered evidence tying the actor to a 2020 attack aimed at the Maldivian government, in addition to establishing infrastructure and tactical overlaps between SideWinder, Baby Elephant, and DoNot Team.

"Since 2017, the number of 'Baby Elephant' attacks has doubled each year, and the attack methods and resources have gradually become richer, and the target has started to cover more areas in South Asia," the company was quoted as saying to Chinese state media outlet Global Times at the time.

Source code similarities have been unearthed between tools used by SideWinder and those used by other groups with a South Asian focus, such as Transparent Tribe, Patchwork, and DoNot Team.

"The group obviously has considerable financial resources and is most likely state-sponsored, given the fact that SideWinder has been able to be active for so long, develop new tools, and maintain a fairly large network infrastructure."


News URL

https://thehackernews.com/2023/02/researchers-link-sidewinder-group-to.html