Chisel (bd2b2375-4f16-42b2-a862-959b5b41c2af)
Chisel is an open source tool that can be used for networking tunneling.[U.S. CISA AvosLocker October 11 2023] According to its GitHub project page, "Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH".[GitHub Chisel] Threat actors including ransomware operators and nation-state-aligned espionage actors have used Chisel as part of their operations.[U.S. CISA AvosLocker October 11 2023][CISA AA20-259A Iran-Based Actor September 2020]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Fox Kitten (7094468a-2310-48b5-ad24-e669152bd66d) | Tidal Groups | Chisel (bd2b2375-4f16-42b2-a862-959b5b41c2af) | Tidal Software | 1 |
Chisel (bd2b2375-4f16-42b2-a862-959b5b41c2af) | Tidal Software | Private Cluster (fac6fbf1-935f-4106-ad8b-c8fd8389dd38) | Unknown | 1 |
Chisel (bd2b2375-4f16-42b2-a862-959b5b41c2af) | Tidal Software | Royal Ransomware Actors (86b97a39-49c3-431e-bcc8-f4e13dbfcdf5) | Tidal Groups | 1 |