LBconfidence: 50G0070

Dark CaracalDark Caracal

Also known as: G0070 · Dark Caracal

Origin
LB
Known aliases
2
Attribution
50

Profile

Lookout and Electronic Frontier Foundation (EFF) have discovered Dark Caracal, a persistent and prolific actor, who at the time of writing is believed to be administered out of a building belonging to the Lebanese General Security Directorate in Beirut. At present, we have knowledge of hundreds of gigabytes of exfiltrated data, in 21+ countries, across thousands of victims. Stolen data includes enterprise intellectual property and personally identifiable information.

Aliases· 2

Dark Caracal
G0070

MITRE ATT&CK Group crosswalk

G0070

References

  1. https://info.lookout.com/rs/051-ESQ-475/images/Lookout_Dark-Caracal_srr_20180118_us_v.1.0.pdf
  2. https://research.checkpoint.com/2020/bandook-signed-delivered
  3. https://attack.mitre.org/groups/G0070/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Caracal Kitten
Actor
TRACER KITTEN
Group
DarkHydrus
Actor
BackdoorDiplomacy
Actor
Stealth Falcon
Actor
DarkRaaS
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.