BOLDMOVE
MITRE
Malware Type:
Other
First activity:
Unknown
Last activity:
Unknown
Details:
[BOLDMOVE](https://attack.mitre.org/software/S1184) is a type of backdoor malware written in C linked to People’s Republic of China operations from 2022 through 2023. [BOLDMOVE](https://attack.mitre.org/software/S1184) includes both Windows and Linux variants, with some Linux variants specifically designed for FortiGate Firewall devices. [BOLDMOVE](https://attack.mitre.org/software/S1184) is linked to zero-day exploitation of CVE-2022-42475 in FortiOS SSL-VPNs.(Citation: Google Cloud BOLDMOVE 2023) The record for [BOLDMOVE](https://attack.mitre.org/software/S1184) only covers known Linux variants.
Associated Techniques (15)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1016 | System Network Configuration Discovery | - |
| T1059.004 | Unix Shell | - |
| T1070.004 | File Deletion | - |
| T1071.001 | Web Protocols | - |
| T1082 | System Information Discovery | - |
| T1083 | File and Directory Discovery | - |
| T1090.003 | Multi-hop Proxy | - |
| T1190 | Exploit Public-Facing Application | - |
| T1480 | Execution Guardrails | - |
| T1543 | Create or Modify System Process | - |
| T1554 | Compromise Host Software Binary | - |
| T1562 | Impair Defenses | - |
| T1562.006 | Indicator Blocking | - |
| T1564.011 | Ignore Process Interrupts | - |
| T1573.002 | Asymmetric Cryptography | - |
Metadata
| ID: | 132 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |