Suckfly
Overview
Suckfly is a China-based threat group that has been active since at least 2014.
TTPs — 5 techniques across 5 tactics
Execution
- T1059.003 Windows Command Shell
Stealth
- T1078 Valid Accounts
Defense Impairment
- T1553.002 Code Signing
Credential Access
- T1003 OS Credential Dumping
Discovery
Tools & malware (1)
Nidiran
Reporting (2)
- Indian organizations targeted in Suckfly attacks — DiMaggio, J
- Suckfly: Revealing the secret life of your code signing certificates — DiMaggio, J