Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 20:08:38 UTC
Home > List all groups > List all tools > List all groups using tool BroStealer
 Tool: BroStealer
Names BroStealer
Category Malware
Type Info stealer, Exfiltration
Description
(Kaspersky) We recently discovered a previously publicly unknown Android implant used in
2018-2019 by the SideWinder threat group, which we dubbed BroStealer. The main purpose of
the BroStealer implant is to collect sensitive information from a victim’s device, such as
photos, SMS messages, call recordings and files from various messaging applications.
Although SideWinder has numerous campaigns against victims using the Windows platform,
recent reports have shown that this threat group also goes after its targets via the mobile
platform.
Information Last change to this tool card: 16 May 2021
Download this tool card in JSON format
All groups using tool BroStealer
Changed Name Country Observed
APT groups
 SideWinder, Rattlesnake 2012-2024
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=5fb4301b-92e0-4258-b11a-bab7777e48f3
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=5fb4301b-92e0-4258-b11a-bab7777e48f3
Page 1 of 1