LightNeuron

Description

(ESET) Turla is believed to have used LightNeuron since at least 2014. • LightNeuron is the first publicly known malware to use a malicious Microsoft Exchange Transport Agent. • LightNeuron can spy on all emails going through the compromised mail server. • LightNeuron can modify or block any email going through the compromised mail server. • LightNeuron can execute commands sent by email. • Commands are hidden in specially crafted PDF or JPG attachments using steganography. • LightNeuron is hard to detect at the network level because it does not use standard HTTP(S) communications.

Names

Name
LightNeuron
NETTRANS
XTRANS

Type

Info stealer

Information

https://www.welivesecurity.com/wp-content/uploads/2019/05/ESET-LightNeuron.pdf

Mitre Attack

https://attack.mitre.org/software/S0395/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.lightneuron

Other Information

Uuid

d1283603-7f97-4f89-8591-103d90aa9389

Last Card Change

2020-04-22

Threat Intelligence Garden

Explorer

LightNeuron

LightNeuron

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks