Names | Tunnus QUIETCANARY Kapushka | |
Category | Malware | |
Type | Backdoor | |
Description | (Kaspersky) A .NET-based backdoor with the ability to run commands or perform file actions on an infected system and send the results to its command-and-control servers. So far, the infrastructure has been built using compromised sites with vulnerable Wordpress installations. According to the company’s telemetry, Tunnus activity started in March and remained active. | |
Information | <https://www.kaspersky.com/about/press-releases/2019_the-garden-of-forking-paths-sophisticated-apts-diversify-toolsets> <https://www.mandiant.com/resources/blog/turla-galaxy-opportunity> | |
MITRE ATT&CK | <https://attack.mitre.org/software/S1076> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.quietcanary> |
Last change to this tool card: 27 August 2024
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
Tomiris | [Unknown] | 2020 | |||
Turla, Waterbug, Venomous Bear | 1996-Dec 2023 |
2 groups listed (2 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |