Intel Name: SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs
Date of Scan: May 6, 2025
Impact: High
Summary: SideWinder APT, active since at least 2012 and likely based in India, targets government, military, and financial institutions in South Asia and the Middle East. The group leverages spear-phishing, social engineering, and zero-day exploits for network infiltration. It uses custom malware and backdoors to maintain persistence and exfiltrate sensitive data. SideWinder’s advanced TTPs support long-term espionage efforts, often aligned with geopolitical objectives.