backdoor Archives - Unit 42

A pictorial representation of the threat actor group Playful Taurus showing an illustration of an orange bull’s head against the background of a blue night sky. Included is the constellation of Taurus.

16,290

people reacted

Chinese Playful Taurus Activity in Iran

By Unit 42
January 18, 2023 at 3:00 AM

22

9 min. read

A pictorial representation of the ProxyNotShell bypass threat brief

35,719

people reacted

Threat Brief: OWASSRF Vulnerability Exploitation

By Robert Falcone and Lior Rochberger
December 22, 2022 at 5:30 PM

11

9 min. read

GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool

64,721

people reacted

GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool

By Unit 42
June 13, 2022 at 3:00 AM

42

10 min. read

A conceptual image representing malware, such as Popping Eagle.

42,847

people reacted

Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor

By Yuval Zan and Chen Evgi
June 2, 2022 at 3:00 PM

23

12 min. read

A conceptual image representing malware, such as the SolarMarker campaign discussed here.

43,791

people reacted

New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns

By Shimi Cohen, Inbal Shalev and Irena Damsky
April 8, 2022 at 6:00 PM

294

8 min. read

A conceptual image representing cybercrime, such as the SockDetour backdoor being tracked by Unit 42 in conjunction with the TiltedTemple campaign.

48,496

people reacted

SockDetour – a Silent, Fileless, Socketless Backdoor – Targets U.S. Defense Contractors

By Unit 42
February 24, 2022 at 6:00 AM

19

9 min. read

A conceptual image representing cybercrime, such as the use of the NGLite backdoor described here and the KdcSponge credential-stealing tool.

102,414

people reacted

Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer

By Robert Falcone, Jeff White and Peter Renals
November 7, 2021 at 6:00 PM

66

18 min. read

A conceptual image illustrating the concept of espionage, including the type of stealthy activity using backdoors that threat researchers observed the xHunt campaign using.

44,494

people reacted

xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control

By Robert Falcone
November 9, 2020 at 12:00 AM

35

12 min. read

44,512

people reacted

The New and Improved macOS Backdoor from OceanLotus

By Erye Hernandez and Danny Tsechansky
June 22, 2017 at 10:00 AM

12

9 min. read