  • SideWinder militantly masquerades as Pakistani and Chinese government agencies in their latest attacks

    55 fake websites recreated with high fidelity - the hackers are determined.

    According to a joint report by Group-IB and Bridewell, the hacker group SideWinder, allegedly backed by the Indian government, is using a new attack infrastructure to carry out targeted attacks against organizations in Pakistan and China.

    According to the researchers, hackers have registered 55 domains that mimic various organizations in the areas of news, government, telecommunications and finance.

    "The identified phishing domains mimic various organizations in the news, government, telecommunications and finance sectors," the researchers said.

    The SideWinder group has been known for its activity since 2012. It predominantly uses specialized phishing emails to infiltrate targeted networks. The group's range of targets is believed to be linked to Indian intelligence interests, with Pakistan, China, Sri Lanka, Afghanistan, Bangladesh, Myanmar, the Philippines, Qatar and Singapore being the most frequently attacked countries.

    In February 2023, Group-IB presented evidence that SideWinder may have attacked 61 government, military, law enforcement and other organizations across Asia in the second half of 2022. More recently, the group has been seen using a technique called "Server-Based Polymorphism" in stealth attacks against Pakistani government organizations.

    The aforementioned domains created by the attackers imitate government organizations in Pakistan, China and India. Many of them hosted government-themed "trap documents" (lures) that are intended to download the next-stage payload to the target device.

    During the investigation, experts identified many malicious files involved in the infection. Among them are Microsoft Word documents purporting to be from the Pakistan Naval College; malicious Windows shortcuts (".lnk") that launch malicious HTML applications; as well as fake Android mobile apps.

    Overall, the phishing domains used in this malicious campaign indicate that SideWinder is targeting media, financial, government, law enforcement, and e-commerce companies in Pakistan and China.

    Author DeepWeb