Server-based polymorphism leveraged in new SideWinder APT attacks

SideWinder, a suspected Indian state-backed advanced persistent threat operation also known as APT-C-17, T-APT-4, APT-Q-39, Rattlesnake, Hardcore Nationalist, and Razor Tiger, has been using server-based polymorphism to facilitate next-stage backdoor delivery in a cyberattack campaign that initially targeted Pakistan government entities in late November before setting its sights on Turkey beginning in March, reports The Hacker News. The attacks used Pakistan Navy War College lure documents that leverage remote template injection to retrieve an RTF file, which contains the malicious code only if it is requested by a user with an IP address in Pakistan, according to a BlackBerry report.

Read full article on SC Magazine

 

