This latest SideWinder campaign targets Turkey, and it uses a server-based polymorphism technique to deliver the next stage payload.
This comes shortly after Fortinet and Team Cymru disclosed details of attacks perpetrated by a Pakistan-based threat actor known as SideCopy against Indian defense and military targets.
In this campaign, the SideWinder advanced persistent threat (APT) group used a server-based polymorphism technology, the BlackBerry Research and Intelligence Team said in a technical report published Monday.
If a user is not from the Pakistani IP range, the server returns an 8-byte RTF file (file.rtf) that contains a single string: {\rtf1 }.
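A defender-side check for the behaviour described above, as an added example that is not taken from the BlackBerry report or from this page: it recognizes the empty RTF decoy and compares what one URL returned to several network vantage points, so an analyst does not treat a filtered fetch as a clean one. The vantage names and the second sample body are constructed.

```python
import hashlib
import re

# The 8-byte decoy string quoted on the page.
DECOY_STUB = b"{\\rtf1 }"
# RTF control word: backslash, letters, optional numeric parameter, optional space.
_CONTROL_WORD = re.compile(rb"\\([a-zA-Z]+)(-?\d+)? ?")


def classify_rtf(data: bytes) -> str:
    """Return 'not_rtf', 'empty_stub' or 'has_content' for a fetched document."""
    body = data.strip()
    if not (body.startswith(b"{\\rtf") and body.endswith(b"}")):
        return "not_rtf"
    inner = body[1:-1]
    words = [m.group(1) for m in _CONTROL_WORD.finditer(inner)]
    residue = _CONTROL_WORD.sub(b"", inner).strip()
    # A stub holds only the \rtf header: no other control words, text or groups.
    if words == [b"rtf"] and not residue:
        return "empty_stub"
    return "has_content"


def compare_vantage_points(responses: dict) -> dict:
    """Compare the bodies one URL returned to several network vantage points."""
    kinds = {vp: classify_rtf(body) for vp, body in responses.items()}
    digests = {hashlib.sha256(body).hexdigest() for body in responses.values()}
    stubbed = sorted(vp for vp, kind in kinds.items() if kind == "empty_stub")
    served = sorted(vp for vp, kind in kinds.items() if kind == "has_content")
    if stubbed and served:
        verdict = "geofenced"      # same URL, stub for some clients only
    elif stubbed:
        verdict = "inconclusive"   # a stub everywhere proves nothing benign
    elif len(digests) > 1:
        verdict = "polymorphic"    # differing bodies, none of them the stub
    else:
        verdict = "consistent"
    return {"verdict": verdict, "stubbed": stubbed, "served": served}


# Constructed sample: vantage names and the second body are made up.
SAMPLE = {
    "egress-a": DECOY_STUB,
    "egress-b": b"{\\rtf1\\ansi{\\fonttbl{\\f0 Arial;}}\\f0 constructed body}",
}

if __name__ == "__main__":
    print(compare_vantage_points(SAMPLE))
```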
The recent developments in geopolitics; specifically, in Turkey’s support of Pakistan and the ensuing reaction