LightBasinLightBasin

Also known as: UNC1945 · CL-CRI-0025 · LightBasin

Known aliases
3

Profile

UNC1945 is an APT group that has been targeting telecommunications companies globally. They use Linux-based implants to maintain long-term access in compromised networks. UNC1945 has demonstrated advanced technical abilities, utilizing various tools and techniques to evade detection and move laterally through networks. They have also been observed targeting other industries, such as financial and professional consulting, and have been linked to other threat actors, including MustangPanada and RedDelta.

Aliases· 3

UNC1945CL-CRI-0025LightBasin

References

  1. https://www.mandiant.com/resources/unc2891-overview
  2. https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks/
  3. https://blog.talosintelligence.com/introducing-shrouded-snooper/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
UNC3524
Actor
UNC1549
Actor
UNC4841
Actor
UNC215
Actor
UNC4191
Actor
UNC3886
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.