Ninja (2dd26ff0-22d6-591b-9054-78e84fa3e05c)
Ninja is a malware developed in C++ that has been used by ToddyCat to penetrate networks and control remote systems since at least 2020. Ninja is possibly part of a post exploitation toolkit exclusively used by ToddyCat and allows multiple operators to work simultaneously on the same machine. Ninja has been used against government and military entities in Europe and Asia and observed in specific infection chains being deployed by Samurai.[Kaspersky ToddyCat June 2022]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| ToddyCat (0f41da7d-1e47-58fe-ba6e-ee658a985e1b) | Tidal Groups | Ninja (2dd26ff0-22d6-591b-9054-78e84fa3e05c) | Tidal Software | 1 |