Names | ShadowPad Winnti POISONPLUG.SHADOW XShellGhost | |
Category | Malware | |
Type | Backdoor | |
Description | (Kaspersky) ShadowPad: How Attackers hide Backdoor in Software used by Hundreds of Large Companies around the World. | |
Information | <https://www.kaspersky.com/about/press-releases/2017_shadowpad-how-attackers-hide-backdoor-in-software-used-by-hundreds-of-large-companies-around-the-world> <https://securelist.com/shadowpad-in-corporate-networks/81432/> <https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf> <https://st.drweb.com/static/new-www/news/2020/october/Study_of_the_ShadowPad_APT_backdoor_and_its_relation_to_PlugX_en.pdf> <https://labs.sentinelone.com/shadowpad-a-masterpiece-of-privately-sold-malware-in-chinese-espionage/> <https://www.secureworks.com/research/shadowpad-malware-analysis> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.shadowpad> |
Last change to this tool card: 03 April 2022
Download this tool card in JSON format
Previous: ShadowNet
Next: ShadyRAT
Changed | Name | Country | Observed | ||
APT groups | |||||
APT 41 | 2012-Aug 2024 | ||||
Bronze Butler, Tick, RedBaldNight, Stalker Panda | 2006-Apr 2021 | ||||
Earth Krahang | 2022 | ||||
Earth Lusca | 2019-Sep 2024 | ||||
Icefog, Dagger Panda | 2011-2018/2019 | ||||
Mustang Panda, Bronze President | 2012-Mar 2024 | ||||
RedEcho | 2020 | ||||
RedFoxtrot | 2014-Aug 2021 | ||||
RedHotel, TAG-22 | 2021 | ||||
Space Pirates | 2017-Sep 2022 | ||||
TAG-38 | 2021 | ||||
Tonto Team, HartBeat, Karma Panda | 2009-Apr 2023 | ||||
Tropic Trooper, Pirate Panda, APT 23, KeyBoy | 2011-Jun 2023 | ||||
Velvet Ant | 2023-Jul 2024 |
14 groups listed (14 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |