Sidewinder Hackers Using Weaponized Docs to Install Malware

The Sidewinder APT group, also known as Rattlesnake and Hardcore Nationalist among other names, is escalating its cyber attacks on South Asian governments, particularly targeting Nepal. The hackers use a multi-stage attack strategy including spear-phishing and malicious macros. Using hardcoded URLs, they embed a macro in documents resembling legitimate Nepalese government communications, which launches a payload when the document is opened, delivering backdoors. Analysts recommend robust endpoint security, awareness training for employees, and diligent system updates.