ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool SnifLite

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: SnifLite

NamesSnifLite
CategoryMalware
TypeCredential stealer
Description(Group-IB) After deobfuscating the code, Group-IB found that the attacks used a sniffer from the SnifLite family, already known to Group-IB experts and used by the threat actor UltraRank. Due to the relatively small number of infected websites, the attackers most likely used the credentials in the CMS administrative panel, which, in turn, could have been compromised using malware or as a result of brute force attacks.
Information<https://www.group-ib.com/blog/ultrarank>

Last change to this tool card: 06 January 2021

Download this tool card in JSON format

All groups using tool SnifLite

ChangedNameCountryObserved

APT groups

 UltraRank[Unknown]2015-Nov 2020 

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key