G1008 SideCopy

Description

[SideCopy](https://attack.mitre.org/groups/G1008) is a Pakistani threat group that has primarily targeted South Asian countries, including Indian and Afghan government personnel, since at least 2019. [SideCopy](https://attack.mitre.org/groups/G1008)'s name comes from its infection chain, which tries to mimic that of [Sidewinder](https://attack.mitre.org/groups/G0121), a suspected Indian threat group. (Citation: MalwareBytes SideCopy Dec 2021)

References

  1. https://attack.mitre.org/groups/G1008
  2. https://www.malwarebytes.com/blog/news/2021/12/sidecopy-apt-connecting-lures-to-victims-payloads-to-infrastructure

Software attributed to this · 1

| Type | Target | Confidence | Tier |
| --- | --- | --- | --- |
| Software | Action RAT s1028 | 100% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. Group: Sidewinder
  2. Group: BITTER
  3. Software: Action RAT
  4. Software: AuTo Stealer
  5. Group: Windshift
  6. Group: Gorgon Group

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.