ETDA (Electronic Transactions Development Agency)

Threat Group Cards: A Threat Actor Encyclopedia

Tool: Lambert

Names: Lambert, Plexor

Category: Malware

Type: Info stealer

Description: From the start, Symantec suspected Longhorn was an outlier, saying it appeared to be different from other potential cybercrime groups. That assessment was based in part on Longhorn using a zero-day software exploit, which Symantec found embedded within a Microsoft Word document. The exploit delivered a data-stealing tool called Plexor.

'The malware had all the hallmarks of a sophisticated cyberespionage group,' Symantec writes. 'Aside from access to zero-day exploits, the group had preconfigured Plexor with elements that indicated prior knowledge of the target environment.'

Information:
<https://www.bankinfosecurity.com/symantec-links-longhorn-group-to-cia-hacking-files-a-9824>
<https://securelist.com/blog/research/77990/unraveling-the-lamberts-toolkit/>

Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/win.lambert>

Last change to this tool card: 14 May 2020


All groups using tool Lambert

Changed | Name | Country | Observed

APT groups

 | ↳ Subgroup: Longhorn, The Lamberts | USA | 2009
 | Equation Group | USA | 2001-Aug 2016 | X

2 groups listed (2 APT, 0 other, 0 unknown)
