Sidewinder G0121 unknown
aka Sidewinder, T-APT-04, Rattlesnake
Last updated: 2026-07-03
- Attributed CVEs: 1
- ATT&CK techniques: 42
- IDF score (tooling uniqueness): 4.3
- Exclusive CVEs: 1
- Years active: 2018
About this actor
[Sidewinder](https://attack.mitre.org/groups/G0121) is a suspected Indian threat actor group that has been active since at least 2012. They have been observed targeting government, military, and business entities throughout Asia, primarily focusing on Pakistan, China, Nepal, and Afghanistan.(Citation: ATT Sidewinder January 2021)(Citation: Securelist APT Trends April 2018)(Citation: Cyble Sidewinder September 2020)
Source: MITRE ATT&CK
Activity timeline
- 2018 — 1 CVE published
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| CVE-2018-4876 | 3.5 | 6.1 | 0.0460 | 2018-02-27 | see CVE |
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
| SI-3 | 28 / 42 | 67% |
| SI-4 | 28 / 42 | 67% |
| CM-6 | 27 / 42 | 64% |
| CM-2 | 26 / 42 | 62% |
| CA-7 | 20 / 42 | 48% |
| CM-7 | 18 / 42 | 43% |
| AC-4 | 17 / 42 | 40% |
| SC-7 | 16 / 42 | 38% |
| SI-7 | 15 / 42 | 36% |
| SI-10 | 13 / 42 | 31% |
| SI-2 | 13 / 42 | 31% |
| AC-6 | 11 / 42 | 26% |
| CM-8 | 11 / 42 | 26% |
| RA-5 | 11 / 42 | 26% |
| AC-3 | 10 / 42 | 24% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- Windshift 0.43
- Patchwork 0.42
- SideCopy 0.40
- Frankenstein 0.37
- Confucius 0.37
Active in same years
- ArcaneDoor 1.00
- Lazarus Group 1.00
- Andariel 1.00
- Storm-0530 1.00
- Maui ransomware 1.00