SYMBOLCOMMON_NAMEaka. SYNONYMS

Volatile Cedar  (Back to overview)

aka: Lebanese Cedar, DeftTorero

Beginning in late 2012, a carefully orchestrated attack campaign we call Volatile Cedar has been targeting individuals, companies and institutions worldwide. This campaign, led by a persistent attacker group, has successfully penetrated a large number of targets using various attack techniques, and specifically, a custom-made malware implant codenamed Explosive.

Associated Families

There are currently no families associated with this actor.

References
2022-10-03Kaspersky LabsGReAT
@online{great:20221003:defttorero:da8a03c, author = {GReAT}, title = {{DeftTorero: tactics, techniques and procedures of intrusions revealed}}, date = {2022-10-03}, organization = {Kaspersky Labs}, url = {https://securelist.com/defttorero-tactics-techniques-and-procedures/107610/}, language = {English}, urldate = {2022-10-07} } DeftTorero: tactics, techniques and procedures of intrusions revealed
Nightrunner Tunna ASPXSpy LaZagne ExplosiveRAT reGeorg Volatile Cedar
2021-01-28ClearSkyClearSky Research Team
@techreport{team:20210128:lebanese:94effe4, author = {ClearSky Research Team}, title = {{“Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers}}, date = {2021-01-28}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2021/01/Lebanese-Cedar-APT.pdf}, language = {English}, urldate = {2021-01-29} } “Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers
Volatile Cedar
2015-06-09Check PointCheck Point
@online{point:20150609:new:73a136b, author = {Check Point}, title = {{New Data: Volatile Cedar Malware Campaign}}, date = {2015-06-09}, organization = {Check Point}, url = {https://blog.checkpoint.com/2015/06/09/new-data-volatile-cedar/}, language = {English}, urldate = {2020-01-13} } New Data: Volatile Cedar Malware Campaign
Volatile Cedar
2015-03-31Kaspersky LabsKurt Baumgartner, Costin Raiu
@online{baumgartner:20150331:sinkholing:7a359b4, author = {Kurt Baumgartner and Costin Raiu}, title = {{Sinkholing Volatile Cedar DGA Infrastructure}}, date = {2015-03-31}, organization = {Kaspersky Labs}, url = {https://securelist.com/sinkholing-volatile-cedar-dga-infrastructure/69421/}, language = {English}, urldate = {2019-12-20} } Sinkholing Volatile Cedar DGA Infrastructure
Volatile Cedar
2015-03-31Check Point ResearchCheck Point Research
@online{research:20150331:volatile:416807b, author = {Check Point Research}, title = {{Volatile Cedar - Analysis of a Global Cyber Espionage Campaign}}, date = {2015-03-31}, organization = {Check Point Research}, url = {https://blog.checkpoint.com/2015/03/31/volatilecedar/}, language = {English}, urldate = {2020-04-06} } Volatile Cedar - Analysis of a Global Cyber Espionage Campaign
Volatile Cedar
2015-03-30Check PointCheck Point
@techreport{point:20150330:volatile:35cc0a6, author = {Check Point}, title = {{Volatile Cedar}}, date = {2015-03-30}, institution = {Check Point}, url = {https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2015/03/20082004/volatile-cedar-technical-report.pdf}, language = {English}, urldate = {2022-10-07} } Volatile Cedar
Volatile Cedar
Credits: MISP Project