Skip to Content

SideWinder APT spear-phishing operations

Updated on 2022-12-16

QiAnXin reported on recent SideWinder APT spear-phishing operations

Updated on July 2022: Sidewinder compromises Pakistani Air Force

On a similar note, Check Point said it had “evidence suggesting that Pakistan Air Force’s Headquarters was a victim of a successful attack conducted by Sidewinder, a suspected India-based APT group.” The compromise allegedly took place in May 2022, according to the security firm.


Group-IB researchers have discovered a new malicious infrastructure and a custom tool of the APT group SideWinder (aka Rattlesnake, Hardcore Nationalist, RAZOR TIGER, T-APT-04, and APT-C-17), a threat actor that is believed to be originating from India and primarily targeting Pakistan. The newly discovered custom tool codenamed SideWinder.AntiBot.Script, is being used in the gang’s phishing attack against Pakistani targets.

    Ads Blocker Image Powered by Code Help Pro

    It looks like you are using an adblocker.

    Ads keep our content free. Please consider supporting us by allowing ads on