J-magic

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[J-magic](https://attack.mitre.org/software/S1203) is a custom variant of the [cd00r](https://attack.mitre.org/software/S1204) backdoor tailored to target Juniper routers that was first observed during the [J-magic Campaign](https://attack.mitre.org/campaigns/C0050) in mid-2023. [J-magic](https://attack.mitre.org/software/S1203) monitors TCP traffic for five predefined parameters or "magic packets" to be sent by the attackers before activating on compromised devices.(Citation: Lumen J-Magic JAN 2025)

Tecniche Associate (8)

ID	ATT&CK	Tattiche
T1016	System Network Configuration Discovery	-
T1036.005	Match Legitimate Resource Name or Location	-
T1040	Network Sniffing	-
T1059.004	Unix Shell	-
T1070.003	Clear Command History	-
T1095	Non-Application Layer Protocol	-
T1205	Traffic Signaling	-
T1573.002	Asymmetric Cryptography	-

Metadata

ID:	112
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00