ThreatNeedle (b31c7b8e-dbdd-4ad5-802e-dcdc72b7462e)
ThreatNeedle is a backdoor that has been used by Lazarus Group since at least 2019 to target cryptocurrency, defense, and mobile gaming organizations. It is considered to be an advanced cluster of Lazarus Group's Manuscrypt (a.k.a. NukeSped) malware family.[Kaspersky ThreatNeedle Feb 2021]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Lazarus Group (0bc66e95-de93-4de7-b415-4041b7191f08) | Tidal Groups | ThreatNeedle (b31c7b8e-dbdd-4ad5-802e-dcdc72b7462e) | Tidal Software | 1 |