{ "type": "bundle", "id": "bundle--4209620b-68ca-4ee3-8d37-1c70c414eaf6", "spec_version": "2.0", "objects": [ { "modified": "2022-10-24T18:51:09.213Z", "name": "SideCopy", "description": "[SideCopy](https://attack.mitre.org/groups/G1008) is a Pakistani threat group that has primarily targeted South Asian countries, including Indian and Afghani government personnel, since at least 2019. [SideCopy](https://attack.mitre.org/groups/G1008)'s name comes from its infection chain that tries to mimic that of [Sidewinder](https://attack.mitre.org/groups/G0121), a suspected Indian threat group.(Citation: MalwareBytes SideCopy Dec 2021)", "aliases": [ "SideCopy" ], "x_mitre_deprecated": false, "x_mitre_version": "1.0", "x_mitre_contributors": [ "Pooja Natarajan, NEC Corporation India", "Hiroki Nagahama, NEC Corporation", "Manikantan Srinivasan, NEC Corporation India" ], "type": "intrusion-set", "id": "intrusion-set--03be849d-b5a2-4766-9dda-48976bae5710", "created": "2022-08-07T13:52:07.791Z", "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", "revoked": false, "external_references": [ { "source_name": "mitre-attack", "url": "https://attack.mitre.org/groups/G1008", "external_id": "G1008" }, { "source_name": "MalwareBytes SideCopy Dec 2021", "description": "Threat Intelligence Team. (2021, December 2). SideCopy APT: Connecting lures victims, payloads to infrastructure. Retrieved June 13, 2022.", "url": "https://www.malwarebytes.com/blog/news/2021/12/sidecopy-apt-connecting-lures-to-victims-payloads-to-infrastructure" } ], "object_marking_refs": [ "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" ], "x_mitre_domains": [ "enterprise-attack" ], "x_mitre_attack_spec_version": "3.0.0", "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5" } ] }