ShadowPad backdoor attacks

GPTKB entity

Statements (33)
Predicate                                           Object
gptkbp:instanceOf                                   cybercrime
gptkbp:abilities                                    command and control
                                                    remote access
                                                    data exfiltration
gptkbp:attributedTo                                 gptkb:APT41
                                                    gptkb:Chinese_threat_actors
gptkbp:detects                                      gptkb:FireEye
                                                    gptkb:Kaspersky_Lab
                                                    gptkb:Symantec
gptkbp:firstObserved                                2017
https://www.w3.org/2000/01/rdf-schema#label         ShadowPad backdoor attacks
gptkbp:impact                                       espionage
                                                    data theft
gptkbp:method                                       supply chain compromise
                                                    malware injection
gptkbp:notableEvent                                 CCleaner compromise
                                                    NetSarang supply chain attack
gptkbp:target                                       gptkb:energy
                                                    supply chain
                                                    government organizations
                                                    critical infrastructure
                                                    telecommunications sector
gptkbp:uses                                         encrypted communication
                                                    DLL side-loading
                                                    modular plugins
                                                    fileless techniques
                                                    ShadowPad malware
gptkbp:usesMalware                                  modular backdoor
gptkbp:分布地区                                      gptkb:Asia
                                                    gptkb:Europe
                                                    gptkb:North_America
gptkbp:bfsParent                                    gptkb:Winnti_Group
gptkbp:bfsLayer                                     8