SUNSPOT (66966a12-3db3-4e43-a7e8-6c6836ccd8fe)
SUNSPOT is an implant that injected the SUNBURST backdoor into the SolarWinds Orion software update framework. It was used by APT29 since at least February 2020.[CrowdStrike SUNSPOT Implant January 2021]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| APT29 (4c3e48b9-4426-4271-a7af-c3dfad79f447) | Tidal Groups | SUNSPOT (66966a12-3db3-4e43-a7e8-6c6836ccd8fe) | Tidal Software | 1 |