KEYPLUG (ba9e56b9-7904-5ec8-bb39-7f82f7b2e89a)
KEYPLUG is a modular backdoor written in C++, with Windows and Linux variants, that has been used by APT41 since at least June 2021.[Mandiant APT41]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
APT41 (502223ee-8947-42f8-a532-a3b3da12b7d9) | Tidal Groups | KEYPLUG (ba9e56b9-7904-5ec8-bb39-7f82f7b2e89a) | Tidal Software | 1 |