Names | EYE | |
Category | Malware | |
Type | Backdoor | |
Description | (Palo Alto) The actor uses the EYE tool as a failsafe while they are logged into the system via RDP, as the tool will kill all processes created by the actor and remove other identifying artifacts if a legitimate user logs in. | |
Information | <https://unit42.paloaltonetworks.com/xhunt-campaign-attacks-on-kuwait-shipping-and-transportation-organizations/> |
Last change to this tool card: 29 April 2020
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
xHunt | 2018-Aug 2019 |
1 group listed (1 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |