Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation LOWKEY

The APT41 threat actor used malware known as LOWKEY to target specific entities. The passive backdoor can perform a range of commands including stopping processes, downloading and uploading files, and creating a reverse shell. The malicious software listens on port 53 or port 80 to be activated and uses multiple named pipes for communication.
Name Modified Date Sources
Operation LOWKEY 2019-11-18