Skip to content

Hide Navigation Hide TOC

LogMeIn (7b471178-30a1-4c48-bbff-c4d2fdbb35a9)

LogMeIn provides multiple freely available tools that can be used for remote access to systems, including the flagship Rescue tool.[LogMeIn Homepage] Adversary groups, including the Royal ransomware operation and LAPSUS$, have used LogMeIn remote access software for initial access to and persistence within victim networks.[CISA Royal AA23-061A March 2023][CSRB LAPSUS$ July 24 2023]

Cluster A Galaxy A Cluster B Galaxy B Level
Royal Ransomware Actors (86b97a39-49c3-431e-bcc8-f4e13dbfcdf5) Tidal Groups LogMeIn (7b471178-30a1-4c48-bbff-c4d2fdbb35a9) Tidal Software 1
LAPSUS$ (0060bb76-6713-4942-a4c0-d4ae01ec2866) Tidal Groups LogMeIn (7b471178-30a1-4c48-bbff-c4d2fdbb35a9) Tidal Software 1
BlackSuit Ransomware Actors (1d751794-ce94-4936-bf45-4ab86d0e3b6e) Tidal Groups LogMeIn (7b471178-30a1-4c48-bbff-c4d2fdbb35a9) Tidal Software 1