S1078Linux

S1078RotaJakiro

Platforms
1
ATT&CK
14.1
References
3

Description

[RotaJakiro](https://attack.mitre.org/software/S1078) is a 64-bit Linux backdoor used by [APT32](https://attack.mitre.org/groups/G0050). First seen in 2018, it uses a plugin architecture to extend capabilities. [RotaJakiro](https://attack.mitre.org/software/S1078) can determine it's permission level and execute according to access type (`root` or `user`).(Citation: RotaJakiro 2021 netlab360 analysis)(Citation: netlab360 rotajakiro vs oceanlotus)

Platforms· 1

Linux

References

  1. https://attack.mitre.org/software/S1078
  2. https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/
  3. https://blog.netlab.360.com/rotajakiro_linux_version_of_oceanlotus/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
jRAT
Software
OSX_OCEANLOTUS.D
Software
SideTwist
Software
Heyoka Backdoor
Software
LoJax
Software
EVILNUM
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.