MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-26 08:47:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

chg: [backdoors] Adds BPFDoor

Browse source 
Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
This commit is contained in:
Jürgen Löhel 2022-05-11 19:03:39 -05:00
parent fcdc6c86e6
commit 45da13ce5e
1 changed files with 14 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
clusters/backdoor.json
View file

@ -172,7 +172,20 @@
], ],
"uuid": "16902832-0118-40f2-b29e-eaba799b2bf4", "uuid": "16902832-0118-40f2-b29e-eaba799b2bf4",
"value": "SUNBURST" "value": "SUNBURST"
},
{
"description": "BPFDoor is a passive backdoor used by a China-based threat actor. This backdoor supports multiple protocols for communicating with a C2 including TCP, UDP, and ICMP allowing the threat actor a variety of mechanisms to interact with the implant",
"meta": {
"refs": [
"https://troopers.de/troopers22/talks/7cv8pz/",
"https://doublepulsar.com/bpfdoor-an-active-chinese-global-surveillance-tool-54b078f1a896?gi=1effe9eb6507",
"https://twitter.com/cyb3rops/status/1523227511551033349",
"https://twitter.com/CraigHRowland/status/1523266585133457408"
]
},
"uuid": "0c3b1aa5-3a33-493e-9126-28ebced4ed09",
"value": "BPFDoor"
} }
], ],
"version": 11 "version": 12
} }