RomCom (4af6326b-eba7-4446-83aa-8b98771d390f)
RomCom is a custom backdoor believed to be developed and distributed by the Void Rabisu threat actor. It has been used in attacks that Trend Micro researchers assess to be geopolitically motivated.[Trend Micro Void Rabisu May 30 2023]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Void Rabisu (c2015888-72c0-4367-b2cf-df85688a56b7) | Tidal Groups | RomCom (4af6326b-eba7-4446-83aa-8b98771d390f) | Tidal Software | 1 |