Metador  (Back to overview)

Metador primarily targets telecommunications, internet service providers, and universities in several countries in the Middle East and Africa. Metador’s attack chains are designed to bypass native security solutions while deploying malware platforms directly into memory. SentinelLabs researchers discovered variants of two long-standing Windows malware platforms, and indications of an additional Linux implant.

Associated Families

There are currently no families associated with this actor.

2022-12-01SentinelOneAleksandar Milenkoski
The Mystery of Metador | Unpicking Mafalda’s Anti-Analysis Techniques
2022-09-22SentinelOneAleksandar Milenkoski, Amitai Ben Shushan Ehrlich, Juan Andrés Guerrero-Saade
The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities

Credits: MISP Project