XTunnel (133136f0-7254-4cec-8710-0ab99d5da4e5)
XTunnel is a VPN-like network proxy tool that can relay traffic between a C2 server and a victim. It was first seen in May 2013 and was reportedly used by APT28 during the compromise of the Democratic National Committee. [Crowdstrike DNC June 2016] [Invincea XTunnel] [ESET Sednit Part 2]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
XTunnel (133136f0-7254-4cec-8710-0ab99d5da4e5) | Tidal Software | APT28 (5b1a5b9e-4722-41fc-a15d-196a549e3ac5) | Tidal Groups | 1 |