S1084Network

S1084QUIETEXIT

Platforms
1
ATT&CK
14.1
References
2

Description

[QUIETEXIT](https://attack.mitre.org/software/S1084) is a novel backdoor, based on the open-source Dropbear SSH client-server software, that has been used by [APT29](https://attack.mitre.org/groups/G0016) since at least 2021. [APT29](https://attack.mitre.org/groups/G0016) has deployed [QUIETEXIT](https://attack.mitre.org/software/S1084) on opaque network appliances that typically don't support antivirus or endpoint detection and response tools within a victim environment.(Citation: Mandiant APT29 Eye Spy Email Nov 22)

Platforms· 1

Network

Attributed to1

TypeTargetConfidenceTier
GroupAPT29g001695%live

References

  1. https://attack.mitre.org/software/S1084
  2. https://www.mandiant.com/resources/blog/unc3524-eye-spy-email

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
QUIETCANARY
Software
Heyoka Backdoor
Software
Fysbis
Software
BADHATCH
Software
Action RAT
Software
FatDuke
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.