Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation PowDesk

The APT34 threat group, also known as OilRig or Helix Kitten, is suspected of having targeted companies in the IT sector with malware known as PowDesk. The malicious software targeted systems with the LANDesk Management Agent installed and exfiltrated system information to command and control servers under the actor's control. The group used various techniques, including PowerShell and commonly used ports, to carry out the operation.
Name | Modified Date | Sources
Operation PowDesk | 2020-01-22 |