SYMBOLCOMMON_NAMEaka. SYNONYMS
osx.windtail (Back to overview)

WindTail

Actor(s): WindShift

There is no description at this point.

References
2019-12-12Virus BulletinPatrick Wardle
@online{wardle:20191212:cyber:50cf0cd, author = {Patrick Wardle}, title = {{Cyber espionage in the Middle East: unravelling OSX.WindTail}}, date = {2019-12-12}, organization = {Virus Bulletin}, url = {https://www.virusbulletin.com/virusbulletin/2020/04/vb2019-paper-cyber-espionage-middle-east-unravelling-osxwindtail/}, language = {English}, urldate = {2020-04-08} } Cyber espionage in the Middle East: unravelling OSX.WindTail
WindTail
2019-04-24SpecterOpsRichie Cyrus
@online{cyrus:20190424:introducing:f1d4536, author = {Richie Cyrus}, title = {{Introducing Venator: A macOS tool for proactive detection}}, date = {2019-04-24}, organization = {SpecterOps}, url = {https://posts.specterops.io/introducing-venator-a-macos-tool-for-proactive-detection-34055a017e56}, language = {English}, urldate = {2020-01-07} } Introducing Venator: A macOS tool for proactive detection
AppleJeus WindTail
2019-04-08SANS Cyber Security SummitTaha Karim
@techreport{karim:20190408:trails:83a8378, author = {Taha Karim}, title = {{Trails of WindShift}}, date = {2019-04-08}, institution = {SANS Cyber Security Summit}, url = {https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1554718868.pdf}, language = {English}, urldate = {2020-01-20} } Trails of WindShift
WindTail ZhMimikatz
2019-01-15Obective SeePatrick Wardle
@online{wardle:20190115:middle:687dc1d, author = {Patrick Wardle}, title = {{Middle East Cyber-Espionage: analyzing WindShift's implant: OSX.WindTail (part 2)}}, date = {2019-01-15}, organization = {Obective See}, url = {https://objective-see.com/blog/blog_0x3D.html}, language = {English}, urldate = {2019-12-18} } Middle East Cyber-Espionage: analyzing WindShift's implant: OSX.WindTail (part 2)
WindTail
2018-12-20Objective-SeePatrick Wardle
@online{wardle:20181220:middle:a318acb, author = {Patrick Wardle}, title = {{Middle East Cyber-Espionage: analyzing WindShift's implant: OSX.WindTail (part 1)}}, date = {2018-12-20}, organization = {Objective-See}, url = {https://objective-see.com/blog/blog_0x3B.html}, language = {English}, urldate = {2020-01-07} } Middle East Cyber-Espionage: analyzing WindShift's implant: OSX.WindTail (part 1)
WindTail
2018-08-30ForbesThomas Brewster
@online{brewster:20180830:hackers:d006ceb, author = {Thomas Brewster}, title = {{Hackers Are Exposing An Apple Mac Weakness In Middle East Espionage}}, date = {2018-08-30}, organization = {Forbes}, url = {https://www.forbes.com/sites/thomasbrewster/2018/08/30/apple-mac-loophole-breached-in-middle-east-hacks/}, language = {English}, urldate = {2019-11-26} } Hackers Are Exposing An Apple Mac Weakness In Middle East Espionage
WindTail
2018DarkMatterTaha K.
@techreport{k:2018:in:87e5693, author = {Taha K.}, title = {{IN THE TRAILS OF WINDSHIFTAPT}}, date = {2018}, institution = {DarkMatter}, url = {https://gsec.hitb.org/materials/sg2018/D1%20COMMSEC%20-%20In%20the%20Trails%20of%20WINDSHIFT%20APT%20-%20Taha%20Karim.pdf}, language = {English}, urldate = {2020-01-08} } IN THE TRAILS OF WINDSHIFTAPT
WindTail WindShift

There is no Yara-Signature yet.