SUNBURST malware

URI: https://gptkb.org/entity/SUNBURST_malware
GPTKB entity
Statements (33)
Predicate Object
gptkbp:instanceOf malware
gptkbp:alsoKnownAs gptkb:Solorigate
gptkbp:attributedTo gptkb:Cozy_Bear
Russian APT29
gptkbp:category cybercrime
supply chain attack
APT malware
gptkbp:deliveredBy gptkb:SolarWinds_Orion_software_update
gptkbp:discoveredBy gptkb:FireEye
December 2020
gptkbp:discoveredIn 2020
gptkbp:enables command and control
remote access
data exfiltration
gptkbp:exploits supply chain vulnerability
https://www.w3.org/2000/01/rdf-schema#label SUNBURST malware
gptkbp:notableCompany private sector companies
US government agencies
gptkbp:notableVictim gptkb:US_Treasury_Department
gptkb:European_Parliament
gptkb:Microsoft
gptkb:NATO
gptkb:FireEye
gptkb:US_Department_of_Commerce
gptkbp:removes gptkb:Microsoft
gptkb:SolarWinds
gptkbp:target gptkb:Microsoft_Windows
gptkbp:type backdoor
gptkbp:usedIn gptkb:SolarWinds_supply_chain_attack
gptkbp:usesMalware gptkb:Sunburst
gptkbp:writtenBy gptkb:C#
gptkbp:bfsParent gptkb:Operation:_Sunburst
gptkbp:bfsLayer 6