TaxOff: You've Got a Backdoor...
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
A sophisticated threat group named TaxOff has been discovered targeting Russian government agencies. The group uses phishing emails with legal and financial themes to deliver the Trinper backdoor, a multithreaded C++ malware with advanced features. Trinper employs STL containers, custom serialization, and a buffer cache for improved performance. It can inject code, manipulate files, execute commands, and perform keylogging. The backdoor communicates with command and control servers using encrypted channels and domain fronting techniques. TaxOff's combination of convincing social engineering and a complex backdoor makes their attacks particularly dangerous and difficult to detect.
OPENCTI LABELS:
espionage, phishing, keylogging, code injection, russian government, trinper backdoor