LightNeuron malware

GPTKB entity

Statements (30)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | malware |
| gptkbp:alias | gptkb:LightNeuron |
| | Exchange Transport Agent backdoor |
| gptkbp:attributedTo | gptkb:Turla_group |
| gptkbp:controls | commands hidden in email attachments |
| gptkbp:discoveredBy | gptkb:ESET |
| gptkbp:diseaseVector | malicious email attachments |
| | compromised Exchange servers |
| gptkbp:firstReported | 2019 |
| https://www.w3.org/2000/01/rdf-schema#label | LightNeuron malware |
| gptkbp:notableFeature | can read, modify, block, or send emails |
| | operates as a Microsoft Exchange Transport Agent |
| gptkbp:persistenceMechanism | Exchange Transport Agent registration |
| gptkbp:platform | gptkb:Microsoft_Exchange |
| gptkbp:primaryUse | command and control |
| | data exfiltration |
| | email interception |
| gptkbp:publicDisclosure | gptkb:ESET_whitepaper_2019 |
| gptkbp:removalDifficulty | high |
| gptkbp:target | government organizations |
| | military organizations |
| | diplomatic entities |
| gptkbp:usedBy | APT group |
| gptkbp:usedIn | espionage campaigns |
| gptkbp:usesMalware | backdoor |
| | email hijacker |
| gptkbp:分布地区 | gptkb:Middle_East |
| | gptkb:Eastern_Europe |
| gptkbp:bfsParent | gptkb:Turla |
| gptkbp:bfsLayer | 6 |