+- الفريق العربي للهندسة العكسية (https://www.at4re.net/f)
+-- قسم : منتديات الهندسة العكسية - Reverse Engineering Forums (https://www.at4re.net/f/forum-4.html)
+--- قسم : الأمن و الحماية - Security (https://www.at4re.net/f/forum-31.html)
+--- الموضوع : NOBELIUM/SUNSHUTTLE (/thread-2632.html)
NOBELIUM/SUNSHUTTLE - overlap - 05-03-2021
مقالتين تقنيتين من طرف FireEye و Microsoft تتحدثان عن هجمات مماثلة و علاقتها بهجوم SolarWinds.
New SUNSHUTTLE Second-Stage Backdoor Uncovered Targeting U.S.-Based Entity; Possible Connection to UNC2452
https://www.fireeye.com/blog/threat-research/2021/03/sunshuttle-second-stage-backdoor-targeting-us-based-entity.html
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
https://www.microsoft.com/security/blog/2021/03/04/goldmax-goldfinder-sibot-analyzing-nobelium-malware/