#apt12

Type: Nation-State-SponsoredAPT12 Status: Believed InactiveAPT12 Other Names: Numbered Panda/ IXESHE/ DYNCALC/ JOY RAT/ Etumbot/ Beebus/ Group 22/ TG-2754/ Calc Team/ DynCalc/ Crimson Iron/ DNSCalc Malware: Etumbot Riptide RIPTIDE is a proxy-aware backdoor that communicates via HTTP to a hard-coded command and control (C2) server Hightide ThreeByte, backdoor Waterspout, backdoor all variants of same backdoor, differ to avoid detection enable persist presence and surveillance Mswab Gh0st ShowNews 3001 Preferred Attack Vector: Spear phishing

fireeyeflare

Type: Nation-State-SponsoredAPT12 Status: Believed InactiveAPT12 Other Names: Numbered Panda/ IXESHE/ DYNCALC/ JOY RAT/ Etumbot/ Beebus/ Group 22/ TG-2754/ Calc Team/ DynCalc/ Crimson Iron/ DNSCalc Malware: Etumbot riptide RIPTIDE is a proxy-aware backdoor that communicates via HTTP to a hard-coded command and control (C2) server Hightide ThreeByte, backdoor Waterspout, backdoor all variants of same backdoor, differ to avoid detection enable persist presence and surveillance Mswab Gh0st ShowNews 3001 Preferred Attack Vector: Spear phishing

Post ride pint. #stbernardus #apt12 #yeggers #hardcorebikes (at Rosso Pizzeria)