Sandworm Uses SSH-over-Tor Tunnel for Stealthy Long-Term Persistence
A significant evolution in Sandworm (APT-C-13) tradecraft, revealing the group’s use of SSH-over-Tor tunneling to achieve long-term, covert persistence inside targeted networks. Sandworm, also known as FROZENBARENTS, is a state-sponsored threat group active since 2014. It has consistently targeted g
ORIGINAL SOURCE →via GBHackers Security
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Dozens of Open VSX Extension Clones Linked to GlassWorm Malware
- [CYBER] News Explorer — DeFi United Releases Technical Recovery Plan Following KelpDAO Exploit - Decrypt
- [CYBER] Chinese National Extradited Over Silk Typhoon Cyber Campaign
- [CYBER] Checkmarx Confirms Security Incident Involving GitHub Repository Exposure
- [CYBER] The Cyber Perfect Storm Is Here — And Your AI Agents Are in the Blast Radius
- [CYBER] Energy Security for “The Africa We Want”: Turning a Global Shock into a Continental Reset