The cybersecurity team at BlackBerry has identified a new cyber espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea, carried out by the nation-state threat actor known as SideWinder.
This spear-phishing campaign, as discovered by the BlackBerry Research and Intelligence Team, is aimed at countries such as Pakistan, Egypt, Sri Lanka, Bangladesh, Myanmar, Nepal, and the Maldives.
SideWinder, also known by several other names like APT-C-17, Baby Elephant, Hardcore Nationalist, Rattlesnake, and Razor Tiger, is believed to be linked to India and has been active since 2012, utilizing spear-phishing techniques to deliver malicious payloads that trigger attacks.
The latest attacks involve lures related to emotional triggers such as sexual harassment, employee termination, and salary cuts to deceive recipients into opening malicious Microsoft Word documents through known security flaws.
It’s suspected that the end goal of these attacks is intelligence gathering, given SideWinder’s history of similar campaigns. The cyber threat actor continues to evolve its tactics and infrastructure for targeting new regions in the future.
