

Rewterz Threat Alert – Donot APT Group – Active IOCs
September 14, 2021
Rewterz Threat Advisory – Multiple Google Chrome Security Vulnerabilities
September 14, 2021
Severity
High
Analysis Summary
The SideWinder Advanced Persistent Threat (APT) group has used recent territory disputes between China, India, Nepal, and Pakistan as lures. The goal is to gather sensitive information from its targets, mainly located in Nepal and Afghanistan. According to researchers, the targets include multiple government and military units in countries across the region, including the Nepali Ministries of Defense and Foreign Affairs, the Nepali Army, the Afghanistan National Security Council, the Sri Lankan Ministry of Defense, the Presidential Palace in Afghanistan, and more.
Impact
- Information Theft and Espionage
Indicators of Compromise
Domain Name
- fqn-asw[.]net
File Name
- Updated Contact list[.]doc
MD5
- 80c9cbca42c1adb23b9ee7f800f483cd
SHA-256
- 6e129c9d560074d7f5c782af618614b1ddc02f2916db9bccc4936b5bde282e2b
SHA1
- b7ad617d9a35980af36aade6833757419c81f620
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.