UNC6485
MISP
Tipo:
Unknown
Unknown
Paese:
Unknown
Unknown
Prima attivita:
Unknown
Unknown
Dettagli:
UNC6485 is a cyber-espionage group exploiting CVE-2025-12480 in Gladinet’s Triofox file-sharing platform to gain initial network access and establish long-term persistence. They create unauthorized administrative accounts and deploy RATs, utilizing legitimate tools like Zoho Assist and AnyDesk to evade detection. Their TTPs indicate a sophisticated understanding of the platform, allowing them to blend malicious activities with legitimate administrative actions.
Riferimenti (1)
Metadata
| ID: | 953 |
| Created: | 20/01/2026 04:00 |
| Updated: | 09/03/2026 16:00 |