HexagonalRodentHexagonalRodent

Also known as: HexagonalRodent

Known aliases
1

Profile

HexagonalRodent targets Web3 developers to steal crypto assets, employing social engineering tactics such as fake job offers. They utilize malware like BeaverTail and OtterCookie, both NodeJS-based toolkits, and InvisibleFerret, a Python-based RAT, to execute their attacks. Their TTPs include backdooring skills assessments via VSCode's tasks.json feature and conducting opportunistic exfiltration of credentials and crypto wallets. The group has also engaged in a supply chain attack, compromising the 'fast-draft' VSX extension to install malware.

Aliases· 1

HexagonalRodent

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
WhiteCobra
Actor
JINX-0164
Actor
GreedyBear
Actor
ResumeLooters
Actor
Reckless Rabbit
Actor
UNC6032
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.