India · Widely attributed · Unknown · MITRE G0121

Sidewinder

Sidewinder is a suspected Indian threat actor group that has been active since at least 2012. They have been observed targeting government, military, and business entities throughout Asia, primarily focusing on Pakistan, China, Nepal, and Afghanistan.

Attribution signal

Score = mentions × confidence weight, summed across all attributed sources. Higher source diversity increases the score. Thresholds: ≥ 10 High, ≥ 3 Moderate, < 3 Low.
Score: 1.0 (Low signal strength)
Mentions: 1
Sources: 0
High conf.: 1
Last seen: May 2026
First observed: 2021-01-27
Last active:
Origin: India
Aliases: 3
Techniques: 30
Campaigns: 0

Attribution signals

1 mention · 0 sources
#1 · confirmed · high
TTP match · Victimology
wechat-qax-ti
May 2026

"Multiple independent researchers confirmed the activity belongs to SideWinder."

Hedge terms observed

confirmed