AIRBREAK

Description

(Recorded Future) AIRBREAK, also known as Orz, is a JavaScript-based backdoor that retrieves commands from hidden strings in compromised webpages and actor-controlled profiles on legitimate services.

Names

Name
AIRBREAK
Orz

Type

Backdoor
Reconnaissance
Info stealer
Exfiltration

Information

https://go.recordedfuture.com/hubfs/reports/cta-2018-1113.pdf
https://www.fireeye.com/blog/threat-research/2018/07/chinese-espionage-group-targets-cambodia-ahead-of-elections.html
https://www.proofpoint.com/us/threat-insight/post/leviathan-espionage-actor-spearphishes-maritime-and-defense-targets

Mitre Attack

https://attack.mitre.org/software/S0229/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/js.airbreak

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:AIRBREAK

Other Information

Uuid

e3bf57b5-7c27-43ea-92f9-03656f8accb4

Last Card Change

2021-04-24

Threat Intelligence Garden

Explorer

AIRBREAK

AIRBREAK

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks