mirror of https://github.com/MISP/misp-galaxy
[threat-actors] Add LilacSquid
parent
7ade514644
commit
3c7f74913f
|
@ -16068,6 +16068,16 @@
|
|||
},
|
||||
"uuid": "1bd2034f-a135-4c71-b08f-867b7f9e7998",
|
||||
"value": "SEXi"
|
||||
},
|
||||
{
|
||||
"description": "LilacSquid is an APT actor targeting a variety of industries worldwide since at least 2021. They use tactics such as exploiting vulnerabilities and compromised RDP credentials to gain access to victim organizations. Their post-compromise activities involve deploying MeshAgent and a customized version of QuasarRAT known as PurpleInk to maintain control over infected systems. LilacSquid has been observed using tools like Secure Socket Funneling for data exfiltration.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://blog.talosintelligence.com/lilacsquid/"
|
||||
]
|
||||
},
|
||||
"uuid": "efacc258-fa0e-4686-99d2-03bab14a640e",
|
||||
"value": "LilacSquid"
|
||||
}
|
||||
],
|
||||
"version": 310
|
||||
|
|
Loading…
Reference in New Issue