SYMBOLCOMMON_NAMEaka. SYNONYMS

Volatile Cedar  (Back to overview)

aka: Reuse team, Malware reusers, Dancing Salome, Lebanese Cedar

Beginning in late 2012, a carefully orchestrated attack campaign we call Volatile Cedar has been targeting individuals, companies and institutions worldwide. This campaign, led by a persistent attacker group, has successfully penetrated a large number of targets using various attack techniques, and specifically, a custom-made malware implant codenamed Explosive .


Associated Families

There are currently no families associated with this actor.


References
2021-01-28ClearSkyClearSky Research Team
@techreport{team:20210128:lebanese:94effe4, author = {ClearSky Research Team}, title = {{“Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers}}, date = {2021-01-28}, institution = {ClearSky}, url = {https://www.clearskysec.com/wp-content/uploads/2021/01/Lebanese-Cedar-APT.pdf}, language = {English}, urldate = {2021-01-29} } “Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers
Volatile Cedar
2015-06-09Check PointCheck Point
@online{point:20150609:new:73a136b, author = {Check Point}, title = {{New Data: Volatile Cedar Malware Campaign}}, date = {2015-06-09}, organization = {Check Point}, url = {https://blog.checkpoint.com/2015/06/09/new-data-volatile-cedar/}, language = {English}, urldate = {2020-01-13} } New Data: Volatile Cedar Malware Campaign
Volatile Cedar
2015-03-31Check Point ResearchCheck Point Research
@online{research:20150331:volatile:416807b, author = {Check Point Research}, title = {{Volatile Cedar - Analysis of a Global Cyber Espionage Campaign}}, date = {2015-03-31}, organization = {Check Point Research}, url = {https://blog.checkpoint.com/2015/03/31/volatilecedar/}, language = {English}, urldate = {2020-04-06} } Volatile Cedar - Analysis of a Global Cyber Espionage Campaign
Volatile Cedar
2015-03-31Kaspersky LabsKurt Baumgartner, Costin Raiu
@online{baumgartner:20150331:sinkholing:7a359b4, author = {Kurt Baumgartner and Costin Raiu}, title = {{Sinkholing Volatile Cedar DGA Infrastructure}}, date = {2015-03-31}, organization = {Kaspersky Labs}, url = {https://securelist.com/sinkholing-volatile-cedar-dga-infrastructure/69421/}, language = {English}, urldate = {2019-12-20} } Sinkholing Volatile Cedar DGA Infrastructure
Volatile Cedar

Credits: MISP Project