RIFLESPINE (82548759-1883-40c8-a76c-2b0900e21a73)
RIFLESPINE is a cross-platform backdoor that leverages Google Drive to transfer files and execute commands. It adopts the CryptoPP library to implement the AES algorithm to encrypt and decrypt the data transmitted between an affected machine and the threat actor.[Google Cloud June 18 2024]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
RIFLESPINE (82548759-1883-40c8-a76c-2b0900e21a73) | Tidal Software | UNC3886 (23af694a-11f4-43eb-a176-683059b301cb) | Tidal Groups | 1 |