Skip to content

<<< Hide Navigation Hide TOC >>>

Longhorn (2f3311cd-8476-4be7-9005-ead920afc781)

Longhorn has been active since at least 2011. It has used a range of back door Trojans in addition to zero-day vulnerabilities to compromise its targets. Longhorn has infiltrated governments and internationally operating organizations, in addition to targets in the financial, telecoms, energy, aerospace, information technology, education, and natural resources sectors. All of the organizations targeted would be of interest to a nation-state attacker. Longhorn has infected 40 targets in at least 16 countries across the Middle East, Europe, Asia, and Africa. On one occasion a computer in the United States was compromised but, following infection, an uninstaller was launched within hours, which may indicate this victim was infected unintentionally. According to cfr, this threat actor compromises governments, international organizations, academic institutions, and financial, telecommunications, energy, aerospace, information technology, and natural resource industries for espionage purposes. Some of the tools used by this threat actor were released by Wikileaks under the name "Vault 7."

Galaxy ColorsThreat Act...ToolMalpedia
Rows: 9
Loading extensions...
Collapse filters
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.2

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Cluster A Galaxy A Cluster B Galaxy B Level
Equation Group (7036fb3d-86b7-4d9c-bc66-1e1ead8b7840) Threat Actor Longhorn (2f3311cd-8476-4be7-9005-ead920afc781) Threat Actor 1
Equation Group (7036fb3d-86b7-4d9c-bc66-1e1ead8b7840) Threat Actor EquationLaser (21f7a57b-7778-4b3e-9b50-5289ae3b445d) Tool 2
Equation Group (7036fb3d-86b7-4d9c-bc66-1e1ead8b7840) Threat Actor EquationDrug (3e0c2d35-87cb-40f9-b341-a6c8dbec697e) Tool 2
Equation Group (7036fb3d-86b7-4d9c-bc66-1e1ead8b7840) Threat Actor DoubleFantasy (fb8828a4-76de-467d-9f52-528984aa9b8d) Tool 2
Equation Group (7036fb3d-86b7-4d9c-bc66-1e1ead8b7840) Threat Actor TripleFantasy (a4cebcc4-9e9b-415f-aa05-dd71c4e288fe) Tool 2
Equation Group (7036fb3d-86b7-4d9c-bc66-1e1ead8b7840) Threat Actor Fanny (1e25d254-3f03-4752-b8d6-023a23e7d4ae) Tool 2
Equation Group (7036fb3d-86b7-4d9c-bc66-1e1ead8b7840) Threat Actor GrayFish (2407bd9a-a3a4-40c4-86de-be6965243c67) Tool 2
EquationDrug (3e0c2d35-87cb-40f9-b341-a6c8dbec697e) Tool EquationDrug (c4490972-3403-4043-9d61-899c0a440940) Malpedia 3
Fanny (1e25d254-3f03-4752-b8d6-023a23e7d4ae) Tool Fanny (6d441619-c5f5-45ff-bc63-24cecd0b237e) Malpedia 3