S1027Windows

S1027Heyoka Backdoor

Platforms
1
ATT&CK
14.1
References
3

Description

[Heyoka Backdoor](https://attack.mitre.org/software/S1027) is a custom backdoor--based on the Heyoka open source exfiltration tool--that has been used by [Aoqin Dragon](https://attack.mitre.org/groups/G1007) since at least 2013.(Citation: SentinelOne Aoqin Dragon June 2022)(Citation: Sourceforge Heyoka 2022)

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupAoqin Dragong1007100%live

References

  1. https://attack.mitre.org/software/S1027
  2. https://www.sentinelone.com/labs/aoqin-dragon-newly-discovered-chinese-linked-apt-has-been-quietly-spying-on-organizations-for-10-years/
  3. https://heyoka.sourceforge.net/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Mongall
Actor
Aoqin Dragon
Software
QUIETCANARY
Software
Sys10
Software
HAWKBALL
Software
Chinoxy
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.