

Rewterz Threat Alert – Andariel Group Evolves to Target South Korea With Ransomware
June 16, 2021
Rewterz Threat Advisory – Multiple Security Updates for Dell ECS Third-Party Component
June 16, 2021
Severity
High
Analysis Summary
The SideWinder Advanced Persistent Threat (APT) group has used recent territory disputes between China, India, Nepal, and Pakistan as lures. The goal is to gather sensitive information from its targets, mainly located in Nepal and Afghanistan. According to researchers, the targets include multiple government and military units in the region, including the Nepali Ministries of Defense and Foreign Affairs, the Nepali Army, the Afghanistan National Security Council, the Sri Lankan Ministry of Defense, the Presidential Palace in Afghanistan, and more.

Impact
- Information theft and espionage
Indicators of Compromise
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.