G0135 · 15 ATT&CK techniques · 0 correlated reports

BackdoorDiplomacy

Aliases: None listed

BackdoorDiplomacy is a cyber espionage threat group that has been active since at least 2017. BackdoorDiplomacy has targeted Ministries of Foreign Affairs and telecommunication companies in Africa, Europe, the Middle East, and Asia.

Open interactive actor investigation

ATT&CK techniques

T1027
Obfuscated Files or Information T1505.003
Web Shell T1190
Exploit Public-Facing Application T1588.002
Tool T1036.005
Match Legitimate Name or Location T1055.001
Dynamic-link Library Injection T1105
Ingress Tool Transfer T1074.001
Local Data Staging T1046
Network Service Discovery T1049
System Network Connections Discovery T1120
Peripheral Device Discovery T1095
Non-Application Layer Protocol T1574.001
DLL Search Order Hijacking T1588.001
Malware T1036.004
Masquerade Task or Service

Correlated CTI and IR reports

Continue the investigation

Interactive ThreatMapper ThreatMapper documentation CTI Analyst Field Manual Israel Threat Actors CTI Anomaly Detection Atlas ITDR Handbook 1200km Medium research