Metador

Threat Actor Profile (updated 25 days ago)
Metador is a threat actor known to target telecommunication companies, internet service providers, and universities. The group was first identified by SentinelLabs about a year ago but remains largely unattributed due to its elusive nature, placing it in the same category as other mysterious cyber adversaries. The development style of Metador's malware suggests an advanced threat actor; however, the inconsistency between the high-quality development and poor segmentation practices hints at the possibility of a private contractor or mercenary group behind this threat.

The enigmatic characteristics of Metador are similar to those of Sandman and LuaDream, two other Advanced Persistent Threat (APT) groups. These groups share a continuous effort to innovate and advance their malware arsenals, making them formidable cyber espionage threat actors. Although there is no direct association between LuaDream and any known threat actor, researchers speculate that it might also be operated by a private contractor or mercenary group, akin to Metador.

Given the mysterious nature of these threat actors, cybersecurity researchers have initiated a crowdsourcing effort to identify the Metador APT. This initiative underscores the challenges in attributing cyber threats and the need for collective efforts in combating such advanced and elusive adversaries. Despite the mystery surrounding these threat actors, their activities serve as a stark reminder of the persistent and evolving nature of cyber threats in today's digital landscape.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
ID: Luadream
Type: Unspecified
Votes: 2
Profile Description: LuaDream is a type of malware that has been used in sophisticated cyber attacks against telecommunication companies. The malicious software is designed to infiltrate computer systems, often without the user's knowledge, and can cause significant damage by disrupting operations, stealing personal inf
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Metador Threat Actor was read from the documents corpus below.
CERT-EU (8 months ago): Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit
Securityaffairs (8 months ago): Sandman APT targets telcos with LuaDream backdoor
CERT-EU (8 months ago): New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware
CERT-EU (8 months ago): New stealthy APT targets telcos across three continents with novel backdoor