APT34 Hacking Tools Leak

Hacking tools:
– Glimpse (newer version of a PowerShell-based trojan that Palo Alto Networks names BondUpdater)
– PoisonFrog (older version of BondUpdater)
– HyperShell (web shell that Palo Alto Networks calls TwoFace)
– HighShell (another web shell)
– Fox Panel (phishing kit)
– Webmask (DNS tunneling, main tool behind DNSpionage)

The leak also included data taken from victims that had been collected in some of APT34’s backend command-and-control (C&C) servers.

Additionally, Dookhtegan leaked data about past APT34 operations, listing the IP addresses and domains where the group had hosted web shells in the past, and other operational data.

