SideWinder targets Pakistan with new espionage tool

Cyber criminal group targets military and govt entities in several countries


Zafar Bhutta October 24, 2024
ISLAMABAD/PAKISTAN:

SideWinder, also known as T-APT-04 or 'RattleSnake', is one of the most prolific APT groups, having commenced operations in 2012.

Over the years, the group has primarily targeted military and government entities in Pakistan, Sri Lanka, China and Nepal as well as other sectors and countries in South and Southeast Asia.

Its other targets include logistics and infrastructure, telecommunications companies, financial institutions, universities and oil trading companies.

Recently, Kaspersky Global Research and Analysis Team (GReAT) detected that the SideWinder APT group is expanding its attack operations into the Middle East and Africa, utilizing a previously unknown espionage toolkit called 'StealerBot'.

StealerBot is an advanced modular implant designed specifically for espionage activities. Kaspersky discovered that recent campaigns have been targeting high-profile entities and strategic infrastructure in these regions; the campaign as a whole remains active and may threaten additional victims.

During its latest investigation, Kaspersky observed that 'StealerBot' is performing a range of malicious activities, such as installing additional malware, capturing screenshots, logging keystrokes, stealing passwords from browsers, intercepting RDP (Remote Desktop Protocol) credentials, exfiltrating files, and more.

"In essence, 'StealerBot' is a stealthy espionage tool that allows threat actors to spy on systems while avoiding easy detection and operates through a modular structure, with each component designed to perform a specific function," Giampaolo Dedola, lead security researcher at Kaspersky's GReAT, said.

"Notably, these modules never appear as files on the system's hard drive, as instead they are loaded directly into the memory, making them difficult to trace."
