Spellbinder

Description

(ESET) Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and redirecting the traffic of legitimate Chinese software so that it downloads malicious updates from a server controlled by the attackers.

Names

Name
Spellbinder

Type

Backdoor
Tunneling
Downloader

Information

https://www.welivesecurity.com/en/eset-research/thewizards-apt-group-slaac-spoofing-adversary-in-the-middle-attacks/

Other Information

Uuid

704eb26c-c472-45dc-97cd-985f3153dc6c

Last Card Change

2025-06-27

Threat Intelligence Garden

Explorer

Spellbinder

Spellbinder

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks