Volatile Cedar  (Back to overview)

aka: DeftTorero, Lebanese Cedar

Beginning in late 2012, a carefully orchestrated attack campaign we call Volatile Cedar has been targeting individuals, companies and institutions worldwide. This campaign, led by a persistent attacker group, has successfully penetrated a large number of targets using various attack techniques, and specifically, a custom-made malware implant codenamed Explosive.

Associated Families

There are currently no families associated with this actor.

2022-10-03Kaspersky LabsGReAT
DeftTorero: tactics, techniques and procedures of intrusions revealed
Nightrunner Tunna ASPXSpy LaZagne ExplosiveRAT reGeorg Volatile Cedar
2021-01-28ClearSkyClearSky Research Team
“Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers
Volatile Cedar
2015-06-09Check PointCheck Point
New Data: Volatile Cedar Malware Campaign
Volatile Cedar
2015-03-31Check Point ResearchCheck Point Research
Volatile Cedar - Analysis of a Global Cyber Espionage Campaign
Volatile Cedar
2015-03-31Kaspersky LabsCostin Raiu, Kurt Baumgartner
Sinkholing Volatile Cedar DGA Infrastructure
Volatile Cedar
2015-03-30Check PointCheck Point
Volatile Cedar
Volatile Cedar

Credits: MISP Project