| SYMBOL | COMMON_NAME | aka. SYNONYMS |
UNC1945 is an APT group that has been targeting telecommunications companies globally. They use Linux-based implants to maintain long-term access in compromised networks. UNC1945 has demonstrated advanced technical abilities, utilizing various tools and techniques to evade detection and move laterally through networks. They have also been observed targeting other industries, such as financial and professional consulting, and have been linked to other threat actors, including MustangPanada and RedDelta.
| 2024-02-28
⋅
Twitter (@haxrob)
⋅
Tweet series regarding GTPDOOR GTPDOOR |
| 2024-02-27
⋅
Doubleagent.net
⋅
GTPDOOR - A novel backdoor tailored for covert access over the roaming exchange GTPDOOR |
| 2023-09-19
⋅
Cisco Talos
⋅
New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants HTTPSnoop PipeSnoop LightBasin ShroudedSnooper |
| 2022-03-16
⋅
Mandiant
⋅
Have Your Cake and Eat it Too? An Overview of UNC2891 SLAPSTICK STEELCORGI LightBasin |
| 2021-10-19
⋅
CrowdStrike
⋅
LightBasin: A Roaming Threat to Telecommunications Companies LightBasin |