Home > List all groups > List all tools > List all groups using tool CMDEmber

Threat Group Cards: A Threat Actor Encyclopedia

Names	CMDEmber
Category	Malware
Type	Backdoor
Description	(SentinelLabs) CMDEmber interacts with a Google Firebase Realtime Database instance that has the role of a C2 server.
Information	<https://www.sentinelone.com/labs/wip26-espionage-threat-actors-abuse-cloud-infrastructure-in-targeted-telco-attacks/>

Last change to this tool card: 17 February 2023

Download this tool card in JSON format

Previous: CMD365
Next: CmdSQL

1 group listed (1 APT, 0 other, 0 unknown)

APT groups