Driftpin is a small and simple backdoor that enables the attackers to assess the victim. When executed, the trojan connects to a C&C server and receives commands to grab screenshots, enumerate running processes, and get information about the system and campaign ID.
2020 ⋅ Secureworks
Bateleur Griffon Carbanak Cobalt Strike DRIFTPIN TinyMet FIN7
2018-10-01 ⋅ FireEye
Bateleur BELLHOP Griffon ANTAK POWERPIPE POWERSOURCE HALFBAKED BABYMETAL Carbanak Cobalt Strike DNSMessenger DRIFTPIN PILLOWMINT SocksBot
2017-06-12 ⋅ FireEye
Behind the CARBANAK Backdoor
2015-09-08 ⋅ ESET Research
Carbanak gang is back and packing new guns
There is no Yara-Signature yet.