High-level government institutions across Sri Lanka, Bangladesh, and Pakistan have been targeted by SideWinder through spear-phishing campaigns employing geofenced payloads. These attacks exploit known vulnerabilities in Microsoft Office to deploy StealerBot malware, aiming to steal sensitive data and maintain persistent access.
Key points
- SideWinder is targeting government institutions in South Asia using spear-phishing campaigns.
- The attackers utilize geofenced payloads to limit malicious content to specific country targets.
- The campaigns exploit old Microsoft Office vulnerabilities (CVE-2017-0199 and CVE-2017-11882) for initial infection.
- StealerBot malware is used to gather sensitive information, including passwords, keystrokes, and files.
- The attack tactics demonstrate high precision and control to maximize impact on selected targets.
Read More: https://thehackernews.com/2025/05/south-asian-ministries-hit-by.html