[Intel]: https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks

### Area

Malware reports

### Parent threat

Credential Access, Defense Evasion, Discovery, Lateral Movement, Collection, Command and Control, Impact

### Finding

https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks

### Industry reference

vertical:Telecomms
attack:T1573.001:Symmetric Cryptography
attack:T1590:Gather Victim Network Information
attack:T1562.004:Disable or Modify System Firewall
attack:T1048.001:Exfiltration Over Unencrypted Non-C2 Protocol
attack:T1021.004:SSH
attack:T1037.004:RC Scripts
attack:T1090.001:Internal Proxy
attack:T1090.002:External Proxy
attack:T1110.003:Password Spraying
uses:RedirectionToNull
uses:Non-persistentStorage

### Malware reference

https://github.com/timb-machine/linux-malware/issues/134
SLAPSTICK
STEELCORGI
PingPong
TINYSHELL
CordScan
SIGTRANslator
Fast Reverse Proxy
Microsocks Proxy
ProxyChains

### Actor reference

LIMINAL PANDA
LightBasin
UNC1945

### Component

Solaris, Linux, Telecomms

### Scenario

Internal specialist services

### Scenario variation

Enclave deployment


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Intel]: https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks #8

Area

Parent threat

Finding

Industry reference

Malware reference

Actor reference

Component

Scenario

Scenario variation

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development