Sidewinder Hackers Using Weaponized Docs to Install Malware

Researchers from Cyfirma have unearthed a sophisticated, ongoing cyber attack targeting the governments of Nepal and Bhutan. The Sidewinder APT group, also known as other names including Rattlesnake and BabyElephant, is using weaponized documents, spear-phishing and malicious macros in their assault. A key concern is the decoy documents resembling those from the Nepalese Prime Minister’s Office. The cybercriminals are using advanced tactics, requiring urgent, coordinated action to thwart their efforts.