SideWinder APT Hackers Leverage Nepal Protests

The SideWinder APT group has been exploiting the ongoing Nepal protests as a lure for cyber espionage and targeted attacks. The actor uses the socio-political unrest as cover for malware and phishing campaigns aimed at government entities, activists and critical infrastructure in the region. The campaign relies on custom backdoors and credential stealers to get into victim networks, gather intelligence and maintain persistence.

SideWinder's tactics in this campaign include spear-phishing emails carrying malicious attachments or links, exploitation of vulnerabilities in widely used software, and social engineering themed on the unrest to raise the infection rate. The operation fits a broader trend of state-sponsored actors timing their espionage campaigns to geopolitical events.

Organizations in Nepal and neighbouring countries are advised to tighten email filtering (attachment types and links in particular), run user awareness training on protest-themed lures, and keep patching current. Monitoring network traffic for unusual activity and deploying endpoint detection and response (EDR) can limit the impact when a lure does get through. The case is a reminder that geopolitical context belongs in cyber threat intelligence, and that APT groups will keep exploiting real-world events for cyber operations.
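As an added illustration of what "robust email filtering" means for the spear-phishing pattern described above (weaponised attachments plus credential-harvesting links), here is a small mail-gateway triage check. It is example code written for this page, not tooling from the article or any indicator published for this campaign; the risky extension list, the domain heuristics and the sample message are all constructed assumptions that a real deployment would tune to its own environment.

```python
"""
Added example: triage one RFC 5322 message for three spear-phishing signals.
  1. attachment types commonly abused as lures (ClickOnce manifests,
     macro-enabled Office, legacy RTF/DOC, script and disk-image files)
  2. links whose visible text names a different domain than the href
  3. a Reply-To domain that differs from the From domain
The sample message below is constructed for the example; it is not a real
campaign artifact.
"""
import re
from email import message_from_bytes, policy, utils
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: a starting block-list for a gateway rule, to be tuned per site.
RISKY_EXTENSIONS = {
    ".application", ".appref-ms",          # ClickOnce deployment manifests
    ".docm", ".xlsm", ".pptm",             # macro-enabled Office documents
    ".rtf", ".doc", ".xls",                # legacy formats used with Equation Editor exploits
    ".lnk", ".hta", ".js", ".vbs", ".scr", # script and shortcut droppers
    ".iso", ".img",                        # disk images used to bypass mark-of-the-web
}


class _LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _registrable(host: str) -> str:
    # Crude eTLD+1: keep the last two labels (assumption good enough for a demo).
    parts = host.lower().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def triage_message(raw: bytes) -> list:
    """Return a list of human-readable findings for one message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []

    # 1. Attachment types: match on the lower-cased filename suffix.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if any(name.endswith(ext) for ext in RISKY_EXTENSIONS):
            findings.append(f"risky attachment: {name}")

    # 2. Link text vs. href: classic credential-portal lure.
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        parser = _LinkExtractor()
        parser.feed(body.get_content())
        for href, text in parser.links:
            href_host = urlparse(href).hostname or ""
            shown = re.search(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", text.lower())
            if shown and _registrable(shown.group(0)) != _registrable(href_host):
                findings.append(f"mismatched link: text={shown.group(0)} href={href_host}")

    # 3. From vs. Reply-To domain mismatch.
    from_addr = utils.parseaddr(msg.get("From", ""))[1]
    reply_to = utils.parseaddr(msg.get("Reply-To", ""))[1]
    if from_addr and reply_to and from_addr.split("@")[-1].lower() != reply_to.split("@")[-1].lower():
        findings.append(f"reply-to domain differs: {from_addr} vs {reply_to}")

    return findings


def build_sample() -> bytes:
    """Constructed sample spear-phish (assumption, not a real message)."""
    m = EmailMessage()
    m["From"] = "Press Office <press@example.gov.np>"
    m["Reply-To"] = "press-office@example-mail.test"
    m["To"] = "analyst@example.org"
    m["Subject"] = "Updated curfew order for Kathmandu"
    m.set_content("See the attached order.")
    m.add_alternative(
        '<p>Sign in to <a href="https://login.example-portal.test/owa">'
        "outlook.office.com</a> to view the order.</p>",
        subtype="html",
    )
    m.add_attachment(b"{\\rtf1 placeholder}", maintype="application",
                     subtype="rtf", filename="Curfew_Order.rtf")
    return m.as_bytes()


if __name__ == "__main__":
    for finding in triage_message(build_sample()):
        print(finding)
```

The three checks are deliberately cheap so they can run inline at the gateway; each finding is a reason to quarantine or to route the message to a detonation sandbox rather than a verdict on its own, since legitimate mail also carries .doc files and differing Reply-To headers.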

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 15 Sep 2025 16:15:56 +0000


Cyber News related to SideWinder APT Hackers Leverage Nepal Protests

Nepal social media ban sparks protests amid political turmoil - Nepal recently witnessed widespread protests triggered by the government's decision to impose a social media ban. This move, aimed at controlling the flow of information during a period of political instability, has raised significant concerns about ...
4 months ago Therecord.media
SideWinder Adopts New ClickOnce-Based Loader to Evade Detection - SideWinder, a known cyber espionage group, has recently updated its attack methodology by adopting a new ClickOnce-based loader. This evolution in their tactics allows them to better evade detection by traditional security solutions. ClickOnce is a ...
2 months ago Thehackernews.com SideWinder
What is an advanced persistent threat? - An advanced persistent threat is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period. APT attacks are initiated to steal highly sensitive data rather than cause damage to ...
2 years ago Techtarget.com Cozy Bear APT29
SideWinder Hacker Group Hosting Fake Outlook Portals to Steal Credentials - The SideWinder hacker group has been identified hosting fake Outlook login portals as part of a sophisticated phishing campaign aimed at stealing user credentials. These counterfeit portals are designed to closely mimic legitimate Microsoft Outlook ...
3 months ago Cybersecuritynews.com SideWinder
SideWinder APT Group Attacking Military & Government Entities With New Tools - Recent findings reveal that SideWinder has developed a massive new infrastructure to distribute malware and control compromised systems, with a notable increase in attacks against maritime infrastructures, logistics companies, and entities related to ...
10 months ago Cybersecuritynews.com Sidewinder CVE-2017-11882
Nepal lifts social media ban after deadly protests - Nepal recently lifted its social media ban following a series of deadly protests that highlighted the critical role of digital platforms in modern civil unrest. The government initially imposed the ban to curb the spread of misinformation and ...
4 months ago Therecord.media
X protests forced suspension of accounts in India (The Register) - The global government affairs team at X has suspended some accounts and posts in India after receiving executive orders to do so from the country's government, backed by threat of penalties including significant fines and imprisonment. X did not ...
1 year ago Go.theregister.com
SideWinder Hacking Group Uses ClickOnce-Based Infection Chain - The SideWinder hacking group has been observed employing a sophisticated ClickOnce-based infection chain to compromise targets. This technique leverages Microsoft's ClickOnce deployment technology to deliver malicious payloads stealthily, bypassing ...
2 months ago Cybersecuritynews.com SideWinder
Sidewinder Hackers Using Weaponized Docs to Install Malware - The Sidewinder APT group is a skilled and persistent threat targeting Nepalese government entities. Their focus extends to South Asian governments, with researchers also identifying a recent complex attack on ...
2 years ago Gbhackers.com Sidewinder
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
2 years ago Hackread.com
CVE-2020-5202 - apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit ...
4 years ago
Russian hackers target unpatched JetBrains TeamCity servers - Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish cybersecurity and law enforcement authorities have warned. APT 29, believed to ...
2 years ago Helpnetsecurity.com CVE-2023-42793 Andariel
North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence - North Korea-linked APT group Kimsuky has been linked to a cyberattack on Diehl Defence, a defense firm specializing in the production of advanced military systems. “Researchers from Mandiant, a Google subsidiary, uncovered and analyzed a ...
1 year ago Securityaffairs.com Kimsuky
Sidewinder - Sidewinder is a suspected Indian threat actor group that has been active since at least 2012. They have been observed targeting government, military, and business entities throughout Asia, primarily focusing on Pakistan, China, Nepal, and ...
2 years ago Attack.mitre.org Sidewinder
Chinese APT Hackers Using Proxy and VPN to Evade Detection - Chinese APT (Advanced Persistent Threat) hacker groups have increasingly adopted the use of proxies and VPNs to mask their activities and evade detection by cybersecurity defenses. These threat actors leverage these tools to anonymize their network ...
4 months ago Cybersecuritynews.com Chinese APT groups
Cyber Insights 2023: Criminal Gangs - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. Despite some geopolitical overlaps with state attackers, the majority of ...
2 years ago Securityweek.com
Mysterious Elephant APT Hackers Infiltrate Organization - The recent cyberattack by the Mysterious Elephant APT group has raised significant concerns in the cybersecurity community. This advanced persistent threat (APT) group successfully infiltrated a major organization, demonstrating sophisticated tactics ...
2 months ago Cybersecuritynews.com CVE-2023-34527 CVE-2023-28252 Mysterious Elephant
Booking.com hackers increase attacks on customers - Hackers are increasing their attacks on Booking.com customers by posting adverts on dark web forums asking for help finding victims. Cyber-criminals are offering up to $2,000 for login details of hotels as they continue to target the people who are ...
2 years ago Bbc.com
Holiday Hackers: How to Safeguard Your Service Desk - Hackers really don't take holidays, but they will take advantage of them. Many of these cyberattacks will zero in on the service or help desk to gain entry into network systems. Recovering accounts because of forgotten passwords is one of the ...
2 years ago Bleepingcomputer.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
1 year ago Securityweek.com Silence
Russian APT Turla Wields Novel Backdoor Malware Against Polish NGOs - Russia-sponsored advanced persistent threat group Turla is now targeting Polish NGOs in a cyberespionage campaign that uses a freshly developed backdoor with modular capabilities, signaling an expansion of the scope of its attacks against supporters ...
1 year ago Darkreading.com Turla
Why Have Big Cybersecurity Hacks Surged in 2023? - Payments made to hackers who hold systems hostage for ransom increased by almost half through September, according to blockchain analytics firm Chainalysis Inc., totaling almost $500 million in payouts. In just the past few months, hackers have ...
2 years ago Bloomberg.com LockBit
TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities - Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative targets. WinRAR vulnerabilities provide an entry point to manipulate compressed files, potentially executing malicious code on a victim's ...
2 years ago Gbhackers.com CVE-2023-23397 CVE-2023-38831 CVE-2023-32231