APT / THREAT GROUP

SideWinder

Last seen: May 19, 2026

Intelligence Profile

SideWinder activity has involved a fake VPN app for Android devices, published on the Google Play Store, along with a custom tool that filters victims for better targeting.

Threat Analysis

SideWinder is a threat actor of undetermined national origin engaged in cyber operations; its primary motivation and activity patterns are unknown.

Quick Facts

Type: APT / Threat Group
Aliases: 3

Also Known As

SideWinder, apk.sidewinder, win.sidewinder

External Intelligence

Malpedia: win.sidewinder

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.