Cloudflared (b34e9f4e-4e08-4a11-9499-86ed40f93d94)
Cloudflared is a tool known to be abused by adversaries for the purposes of "securely" exposing applications, services, or servers to the internet via Cloudflare Tunnel in order to help evade detection.[U.S. CISA Medusa Ransomware March 12 2025]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Medusa Ransomware Actors (316a49d5-5fe0-4e0b-a276-f955f4277162) | Tidal Groups | Cloudflared (b34e9f4e-4e08-4a11-9499-86ed40f93d94) | Tidal Software | 1 |