New Hacking Threat Alert: SideWalk

A recent campaign led by a Chinese advanced persistent threat group, primarily known for singling out entities in East and Southeast Asia, has hit a computer retail company based in the U.S. According to The Hacker News, “SideWalk is a modular backdoor that can dynamically load additional modules sent from its C&C [command-and-control] server, makes use of Google Docs as a dead drop resolver, and Cloudflare works as a C&C server,” ESET researchers Thibaut Passilly and Mathieu Tartare said in a report published Tuesday.

Over the past year, a hacker collective associated with SideWalk “...hit a broad range of organizations and verticals around the world, with a particular focus on the academic institutions located in Bahrain, Canada, Georgia, India, Macao, Singapore, South Korea, Taiwan, and the U.S.”

Other targeted entities include:

  • Media companies

  • Religious organizations

  • E-commerce platforms

  • Computer and electronics manufacturers

  • Local governments

“SideWalk is designed to load arbitrary plugins sent from the server, amass information about running processes, and exfiltrate the results back to the remote server.”