March 11, 2025 By Pierluigi Paganini

The APT group SideWinder targets maritime and logistics companies across South and Southeast Asia, the Middle East, and Africa.
Kaspersky researchers warn that the APT group SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) is targeting maritime, logistics, nuclear, telecom, and IT sectors across South Asia, Southeast Asia, the Middle East, and Africa.
SideWinder has been active since at least 2012. The group mainly targeted police, military, maritime, and naval forces of Central Asian countries. In the 2022 attacks, the threat actors also targeted departments of foreign affairs, scientific and defence organisations, aviation, the IT industry, and legal firms.
The threat actor maintains a large C2 infrastructure composed of more than 400 domains and subdomains that were used to host malicious payloads and control them.
Kaspersky observed SideWinder expanding its attacks in 2024, with growing activity in Egypt, Asia, and Africa.