LuaDream

Malware profile, updated 12 days ago
LuaDream is a backdoor: malicious software designed to exploit and damage computer systems. Such a program can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or hold data hostage for ransom. The Sandman Advanced Persistent Threat (APT) group has been identified as specifically targeting telecommunication companies with the LuaDream backdoor, which gives the attackers unauthorized access to the compromised system and can lead to significant security breaches and service disruptions. The origin of these attacks and their ultimate purpose remain unclear, but the focus on telcos suggests a strategic intent to compromise critical infrastructure. In our analysis, we found commonalities between two distinct malware strains, LuaDream and the KEYPLUG backdoor. This could indicate that the same actors are behind both, or that different groups are using similar tactics. Understanding these connections can help in developing effective countermeasures and strategies to protect against such threats.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID (votes): Profile description
KEYPLUG (2 votes): Keyplug is a malicious software (malware) utilized by Chinese state-sponsored threat operation RedGolf, also known as APT41, Wicked Panda, Bronze Atlas, and Barium. This malware, first reported by Mandiant, was used in attacks against various U.S. state government networks from May 2021 to February
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Backdoor, Malware, Espionage, Windows, APT
Associated Malware
No associations to display.
Associated Threat Actors
ID (type, votes): Profile description
Metador (Unspecified, 2 votes): Metador is a threat actor that has been discovered to target telecommunication companies, internet service providers, and universities. The group was first identified by SentinelLabs about a year ago but remains largely unattributed due to its elusive nature, placing it in the same category as other
Associated Vulnerabilities
No associations to display.
Source Document References
Information about the LuaDream malware was read from the documents corpus below. This display is limited to 20 results.
Source (created): Title
CERT-EU (8 months ago): Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit
CERT-EU (8 months ago): Sandman APT - A mystery group targeting telcos with a LuaJIT toolkit – Global Security Mag Online
Securityaffairs (8 months ago): Sandman APT targets telcos with LuaDream backdoor
CERT-EU (8 months ago): New Threat Group: Sandman Targets Telecommunication Companies Across the World With Infostealers
CERT-EU (5 months ago): Sandman APT - China-based adversaries embrace Lua – Global Security Mag Online
CERT-EU (8 months ago): Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents
CERT-EU (8 months ago): ‘Sandman’ hackers backdoor telcos with new LuaDream malware
CERT-EU (8 months ago): New stealthy APT targets telcos across three continents with novel backdoor
CERT-EU (5 months ago): Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor
CERT-EU (8 months ago): New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware
DARKReading (8 months ago): Mysterious 'Sandman' APT Targets Telecom Sector With Novel Backdoor
CERT-EU (8 months ago): Sandman Hackers: Threat Actors use LuaDream Info-stealing Malware
CERT-EU (5 months ago): Sandman APT tied to Chinese hacking operations
CERT-EU (5 months ago): Sandman Cyberespionage Group Linked to China
InfoSecurity-magazine (8 months ago): Elusive Sandman APT Targets Telecom Giants With LuaJIT Toolkit
CERT-EU (8 months ago): Cyber Security Week in Review: September 22, 2023
CERT-EU (8 months ago): Budworm hackers target telcos and govt orgs with custom malware
CERT-EU (2 months ago): 12 Months of Fighting Cybercrime & Defending Enterprises | #cybercrime | #infosec | National Cyber Security Consulting