Skip to content

Hide Navigation Hide TOC

Backdoor.Oldrea (f7cc5974-767c-4cb4-acc7-36295a386ce5)

Backdoor.Oldrea is a modular backdoor that used by Dragonfly against energy companies since at least 2013. Backdoor.Oldrea was distributed via supply chain compromise, and included specialized modules to enumerate and map ICS-specific systems, processes, and protocols.[Symantec Dragonfly][Gigamon Berserk Bear October 2021][Symantec Dragonfly Sept 2017]

Cluster A Galaxy A Cluster B Galaxy B Level
Backdoor.Oldrea (f7cc5974-767c-4cb4-acc7-36295a386ce5) Tidal Software Dragonfly (472080b0-e3d4-4546-9272-c4359fe856e1) Tidal Groups 1