According to AhnLab, BlueShell is a backdoor malware developed in Go language, published on Github, and it supports Windows, Linux, and Mac operating systems. Currently, the original Github repository is presumed to have been deleted, but the BlueShell source code can still be obtained from other repositories. It features an explanatory ReadMe file in Chinese, indicating the possibility that the creator is a Chinese user.
|2023-09-11 ⋅ AhnLab ⋅ |
BlueShell Used in APT Attacks Against Korean and Thai Targets
|2023-09-05 ⋅ AhnLab ⋅ |
BlueShell malware used in APT attacks targeting Korea and Thailand
|2023-02-13 ⋅ AhnLab ⋅ |
Dalbit (m00nlight): Chinese Hacker Group’s APT Attack Campaign
Godzilla Webshell ASPXSpy BlueShell CHINACHOPPER Cobalt Strike Ladon MimiKatz
There is no Yara-Signature yet.