Kaspersky’s Global Research and Analysis Team (GReAT) has uncovered new evidence showing that SideWinder, a prominent India-linked Advanced Persistent Threat (APT) group, is broadening its cyber espionage activities.
The group has now extended its reach into the Middle East, Africa, and Pakistan, employing a newly discovered surveillance toolkit dubbed ‘StealerBot’.
Operating since 2012, SideWinder—alternatively known as T-APT-04 or ‘RattleSnake’—has established itself as one of the most active APT groups in the cyber espionage landscape.
The organization has historically concentrated its efforts on military and government targets across South and Southeast Asia, particularly in Pakistan, Sri Lanka, China, and Nepal, while also targeting various sectors in neighboring regions.
According to Kaspersky’s findings, StealerBot, SideWinder’s sophisticated new espionage tool, employs a modular design specifically engineered for intelligence-gathering operations. The security firm reports that the ongoing campaign has targeted critical infrastructure and high-ranking organizations across multiple regions, with the potential for further expansion to new targets.
StealerBot supports a broad array of malicious functions. The toolkit can deploy additional malware, capture screenshots, log keystrokes, steal passwords stored in browsers, and intercept RDP (Remote Desktop Protocol) credentials. It can also exfiltrate files, among other functions.
Giampaolo Dedola, lead security researcher at Kaspersky’s GReAT, said:
“In essence, ‘StealerBot’ is a stealthy espionage tool that allows threat actors to spy on systems while avoiding easy detection and operates through a modular structure, with each component designed to perform a specific function. These modules never appear as files on the system’s hard drive, as they are instead loaded directly into memory, making them difficult to trace.”
