AcidRain (cf465790-3d6d-5767-bb8c-63a429f95d83)
AcidRain is an ELF binary that targets modems and routers using the MIPS architecture.[AcidRain JAGS 2022] AcidRain is associated with the ViaSat KA-SAT communication outage that took place during the initial phases of the 2022 full-scale invasion of Ukraine. Analysis indicates overlap with VPNFilter, another malware that targets network devices and is associated with Sandworm Team.[AcidRain JAGS 2022] US and European government sources linked AcidRain to Russian government entities, while Ukrainian government sources linked AcidRain specifically to Sandworm Team.[AcidRain State Department 2022][Vincens AcidPour 2024]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Sandworm Team (16a65ee9-cd60-4f04-ba34-f2f45fcfc666) | Tidal Groups | AcidRain (cf465790-3d6d-5767-bb8c-63a429f95d83) | Tidal Software | 1 |