PitFuel (615e7a59-fcd8-4127-98ed-360f2b5341ed)
PitFuel is a SparkGateway plugin that loads the shared object libchilkat.so (LITTLELAMB.WOOLTEA) through the Java Native Interface (JNI) by calling System.load(). The shared object persistently deploys backdoors and contains capabilities to persist across system upgrade events, patches, and factory resets.[Mandiant Cutting Edge Part 3 February 2024]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| PitFuel (615e7a59-fcd8-4127-98ed-360f2b5341ed) | Tidal Software | UNC5325 (be7243cb-6031-4e2a-97d9-3522c002becd) | Tidal Groups | 1 |