Home > List all groups > List all tools > List all groups using tool RIFLESPINE

Threat Group Cards: A Threat Actor Encyclopedia

Names	RIFLESPINE
Category	Malware
Type	Backdoor
Description	(Mandiant) RIFLESPINE is a cross-platform backdoor that leverages Google Drive to transfer files and execute commands. It adopts the CryptoPP library to implement the AES algorithm to encrypt and decrypt the data transmitted between an affected machine and the threat actor.
Information	<https://cloud.google.com/blog/topics/threat-intelligence/uncovering-unc3886-espionage-operations>

Last change to this tool card: 26 August 2024

Download this tool card in JSON format

1 group listed (1 APT, 0 other, 0 unknown)

APT groups