Question 1

What is EVILTOSS — EVILTOSS?

Accepted Answer

backdoor used by apt28 Sedreco serves as a spying backdoor; its functionalities can be extended with dynamically loaded plugins. It is made up of two distinct components: a dropper and the persistent payload installed by this dropper. We have not seen this component since April 2016.

Question 2

What is the authoritative source for EVILTOSS?

Accepted Answer

EVILTOSS (EVILTOSS) is catalogued in MITRE ATT&CK Enterprise and curated for EU compliance use cases by SQUR.

EVILTOSSEVILTOSS

Description

Related by meaning· 6