LilacSquid

MISP

Tipo:
Unknown

Paese:
Unknown

Prima attivita:
Unknown

Dettagli:

LilacSquid is an APT actor targeting a variety of industries worldwide since at least 2021. They use tactics such as exploiting vulnerabilities and compromised RDP credentials to gain access to victim organizations. Their post-compromise activities involve deploying MeshAgent and a customized version of QuasarRAT known as PurpleInk to maintain control over infected systems. LilacSquid has been observed using tools like Secure Socket Funneling for data exfiltration.

Riferimenti (1)

blog.talosintelligence.com - Lilacsquid

Metadata

ID:	685
Created:	13/01/2026 17:48
Updated:	07/03/2026 16:00