In the Google Play Store, SideWinder hackers have implanted a bogus Android VPN program

Share This Post

The adversary relies on a fairly large infrastructure with that includes more than 92 IP addresses, mainly for phishing attacks, hosting hundreds of domains and subdomains used as command and control servers. A recent phishing campaign attributed to SideWinder (a.k.a. RattleSnake, Razor Tiger, T-APT-04, APT-C-17, Hardcore Nationalist) targeted organizations in Pakistan in both the public and private sector.

A phoney VPN programme for Android smartphones was uploaded on Google Play Store, coupled with a bespoke tool that selects users for improved targeting, in phishing attacks ascribed to an advanced threat actor known as SideWinder. SideWinder is an APT organisation that has been operating since at least 2012, and is thought to be an Indian actor with a high level of expertise. Over 1,000 assaults have been ascribed to this gang in the last two years, according to Kaspersky security analysts. Organizations in Pakistan, China, Nepal, and Afghanistan are among its key objectives.


  • The recent phishing campaign also used this method against targets, as the actor set up multiple websites that mimicked legitimate domains of the Pakistani government:

  • Researchers at cybersecurity company Group-IB earlier this year detected a phishing document luring victims with a document proposing “a formal discussion of the impact of US withdrawal from Afghanistan on maritime security.” In a report shared with BleepingComputer, Group-IB says that SideWinder has also been observed in the past cloning government website (e.g. government portal in Sri Lanka) to steal user credentials.


Related Posts

The casing: Appleè M2 MacBook and news on wearables

Oh sure, you can use this week, the last...

Rewind: a decade of iPhone camera innovation

If you skim the charts below you will see...

Westpac payment terminals will use Android Phone

The service, named Westpac Tap On Phone, will offer...

The victim took a photo on the phone and the man was charged with murder

A witness told police that Martinez had been parked...
- Advertisement -spot_img