New Hacking threat Alert: SideWalk

A recent campaign led by Chinese advanced and persistent threat group primarily known for singling out entities in East and Southeast Asia has hit a computer retail company based in the U.S. recently. According to The Hacker News “Side walk in a modular backdoor that can dynamically  load additional modules sent from its C&C [command-and-control] server, makes use of Google Docs as a dead drop resolver, and Cloudflare works as a C&C server” ESET researchers Thibaut Passilly and Mathieu Tartare said in a report published Tuesday.

Over the past year a collective hacker group associated with SideWalk “...hit a broad range of organizations and verticals around the world, with a particular focus on the academic institutions located in Bahrain, Canada, Georgia, India, Macao, Singapore, South Korea, Taiwan, and the U.S.”

Other targeted entities include

• Media companies

• Religious organizations

• E-commerce platforms

• Computer and electronics manufacturers 

• Local governments

“SideWalk is designed to load arbitrary plugins sent from the server, amass information about running processes, and exfiltrate the results back to the remote server.”