Skip to content

Hide Navigation Hide TOC

FleetDeck (68758d3a-ec4b-4c19-933d-b4c3000281b2)

FleetDeck is a commercial remote monitoring and management (RMM) tool that enables remote desktop access and “virtual terminal” capabilities. Government and commercial reports indicate that financially motivated adversaries, including BlackCat (AKA ALPHV or Noberus) actors and Scattered Spider (AKA 0ktapus or UNC3944), have used FleetDeck for command and control and persistence purposes during intrusions.[Cyber Centre ALPHV/BlackCat July 25 2023][CrowdStrike Scattered Spider SIM Swapping December 22 2022]

Cluster A Galaxy A Cluster B Galaxy B Level
FleetDeck (68758d3a-ec4b-4c19-933d-b4c3000281b2) Tidal Software Scattered Spider (3d77fb6c-cfb4-5563-b0be-7aa1ad535337) Tidal Groups 1
FleetDeck (68758d3a-ec4b-4c19-933d-b4c3000281b2) Tidal Software BlackCat Ransomware Actors & Affiliates (33159d02-a1ce-49ec-a381-60b069db66f7) Tidal Groups 1