SideCopy
SideCopy is a Pakistani threat group that has primarily targeted South Asian countries, including Indian and Afghani government personnel, since at least 2019. SideCopy's name comes from its infection chain that tries to mimic that of Sidewinder, a suspected Indian threat group.
Attribution signal
Score = mentions × confidence weight, summed across all attributed sources. Higher source diversity increases the score.
≥ 10 High
≥ 3 Moderate
< 3 Low
Attribution signals
3 mentions · 2 sources
"Indian cybersecurity firm Seqrite attributed the operation with medium-to-high confidence to SideCopy, a threat actor widely linked to Pakistan and known for targeting government, military and diplomatic entities across South Asia."
"Seqrite attributes the recently observed, likely ongoing phishing campaign to the group known as "SideCopy.""
"SideCopy has been active since at least 2019 and has frequently been linked by researchers to operations resembling those of APT36, also known as Transparent Tribe, a hacking group associated with Pakistan."
Hedge terms observed