Names | Sykipot Getkys Wkysol | |
Category | Malware | |
Type | Info stealer | |
Description | Sykipot is malware that has been used in spearphishing campaigns since approximately 2007 against victims primarily in the US. One variant of Sykipot hijacks smart cards on victims. The group using this malware has also been referred to as Sykipot. | |
Information | <https://www.sans.org/reading-room/whitepapers/malicious/detailed-analysis-sykipot-smartcard-proxy-variant-33919> <https://blog.trendmicro.com/trendlabs-security-intelligence/sykipot-now-targeting-us-civil-aviation-sector-information/> <https://www.alienvault.com/blogs/labs-research/sykipot-is-back> <https://community.rsa.com/thread/185437> | |
MITRE ATT&CK | <https://attack.mitre.org/software/S0018/> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.sykipot> | |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:sykipot> |
Last change to this tool card: 14 May 2020
Download this tool card in JSON format
Previous: Sword
Next: SymonLoader
Changed | Name | Country | Observed | ||
APT groups | |||||
![]() | APT 4, Maverick Panda, Wisp Team | ![]() | 2007-Oct 2018 | ||
Samurai Panda | ![]() | 2009 |
2 groups listed (2 APT, 0 other, 0 unknown)
Thailand Computer Emergency Response Team (ThaiCERT) Follow us on![]() ![]() |
Report incidents |
|
![]() |
+66 (0)2-123-1234 | |
![]() |
report@thaicert.or.th | |
![]() |
Download PGP key |