  • SideWinder militantly masquerades as Pakistani and Chinese government agencies in their latest attacks

    55 fake websites recreated with high fidelity - the hackers are determined.

    According to a joint report by Group-IB and Bridewell, the hacker group SideWinder, allegedly backed by the Indian government, is using a new attack infrastructure to carry out targeted cyber strikes against targets in Pakistan and China.

    According to the researchers, hackers have registered 55 domains that mimic various organizations in the areas of news, government, telecommunications and finance.

    "The identified phishing domains mimic various organizations in the news, government, telecommunications and finance sectors," the researchers said.

    The SideWinder group has been active since 2012. It predominantly uses targeted (spear-phishing) emails to infiltrate its victims' networks. The group's choice of targets is believed to be linked to Indian intelligence interests, with Pakistan, China, Sri Lanka, Afghanistan, Bangladesh, Myanmar, the Philippines, Qatar and Singapore being the most frequently attacked countries.

    In February 2023, Group-IB presented evidence that SideWinder may have attacked 61 government, military, law enforcement and other organizations across Asia in the second half of 2022. More recently, the group has been seen using a technique called "Server-Based Polymorphism" in stealthy attacks against Pakistani government organizations.

    The domains created by the attackers imitate government organizations in Pakistan, China and India. Many of them hosted government-themed “trap documents”, lures designed to download the next-stage payload onto the target device.

    During the investigation, experts identified many malicious files involved in the infection chain. Among them are Microsoft Word documents purporting to be from the Pakistan Naval College; malicious Windows shortcuts (".lnk") that launch malicious HTML applications; and fake Android mobile apps.

    Overall, the phishing domains used in this malicious campaign indicate that SideWinder is targeting media, financial, government, law enforcement, and e-commerce companies in Pakistan and China.

    Author DeepWeb