Names | BBSRAT | |
Category | Malware | |
Type | Backdoor | |
Description | (Palo Alto) The adversaries behind these attacks continued to target Russia and other Russian speaking nations using similar exploits and attack vectors. However, while the malware used in these new attacks uses similar infection mechanisms to PlugX, it is a completely new tool with its own specific behavior patterns and architecture. We have named this tool “BBSRAT.” | |
Information | <https://unit42.paloaltonetworks.com/bbsrat-attacks-targeting-russian-organizations-linked-to-roaming-tiger/> <https://researchcenter.paloaltonetworks.com/2016/03/digital-quartermaster-scenario-demonstrated-in-attacks-against-the-mongolian-government/> | |
MITRE ATT&CK | <https://attack.mitre.org/software/S0127/> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.bbsrat> | |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:bbsrat> |
Last change to this tool card: 13 May 2020
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
Roaming Tiger | 2014-Aug 2015 | ||||
Vicious Panda | 2015-Mar 2020 |
2 groups listed (2 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |