Group-IB researchers have identified two malicious campaigns from 2020 and 2021, respectively, carried out by SideWinder APT that were designed to steal cryptocurrency. The researchers found two new home-grown tools used by SideWinder APT during the campaign: SideWinder.RAT.b and SideWinder.StealerPy. Given the groups’s financial backing and target list, researchers anticipate this threat to keep evolving and expanding.