S0582Windows

S0582LookBack

Platforms
1
ATT&CK
14.1
References
4

Description

[LookBack](https://attack.mitre.org/software/S0582) is a remote access trojan written in C++ that was used against at least three US utility companies in July 2019. The TALONITE activity group has been observed using [LookBack](https://attack.mitre.org/software/S0582).(Citation: Proofpoint LookBack Malware Aug 2019)(Citation: Dragos TALONITE)(Citation: Dragos Threat Report 2020)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0582
  2. https://www.proofpoint.com/us/threat-insight/post/lookback-malware-targets-united-states-utilities-sector-phishing-attacks
  3. https://www.dragos.com/threat/talonite/
  4. https://hub.dragos.com/hubfs/Year-in-Review/Dragos_2020_ICS_Cybersecurity_Year_In_Review.pdf?hsCtaTracking=159c0fc3-92d8-425d-aeb8-12824f2297e8%7Cf163726d-579b-4996-9a04-44e5a124d770

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
TrailBlazer
Actor
TA410
Software
EVILNUM
Software
SLOTHFULMEDIA
Software
FIVEHANDS
Software
MarkiRAT
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.