An Indian hacker group is targeting Pakistan again with a new spying tool, raising concerns about intensified cyber espionage activities. Kaspersky’s Global Research and Analysis Team (GReAT) has identified the Advanced Persistent Threat (APT) group, SideWinder, as the force behind these attacks; operating since 2012, the group has a notorious reputation for cyber espionage across South and Southeast Asia, particularly in Pakistan. Now, with their new espionage toolkit dubbed ‘StealerBot,’ the group is once again focusing on Pakistan, alongside regions in the Middle East and Africa.
Indian Hacker Group is Targeting Pakistan: SideWinder’s New Toolkit
SideWinder, also known as T-APT-04 or ‘RattleSnake,’ has continuously aimed its attacks at military and government sectors in Pakistan. Its latest campaign uses ‘StealerBot,’ a newly discovered tool specifically designed to perform covert surveillance and intelligence gathering. It can steal sensitive data, capture images of user screens, log keystrokes, and even retrieve passwords stored in web browsers. These features make it a potent threat to critical infrastructure in Pakistan, as well as other regions.
The lead security researcher at Kaspersky’s GReAT, Giampaolo Dedola, said: “In essence, ‘StealerBot’ is a stealthy espionage tool that allows threat actors to spy on systems while avoiding easy detection and operates through a modular structure, with each component designed to perform a specific function. These modules never appear as files on the system’s hard drive, as instead they are loaded directly into the memory, making them difficult to trace.”
New Threat to Pakistan’s Critical Infrastructure
The SideWinder group’s current strategy is more dangerous than before, as it employs modular tactics that make its malicious activities harder to detect. StealerBot, loaded directly into a system’s memory, avoids detection by traditional security software. This poses a severe challenge for Pakistan’s cybersecurity infrastructure, which must now defend against both the spyware itself and the group’s broader capabilities. According to cybersecurity experts, the group’s attacks could have a long-lasting impact on national security and sensitive industries in Pakistan if not swiftly countered.