LilacSquid is a threat actor. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does LilacSquid exploit?

Specific CVE exploitation data for LilacSquid is being tracked. Check the Strobes VI threat actor profile for updates.

LilacSquid

Exploited CVEs

Overview

LilacSquid is an APT actor targeting a variety of industries worldwide since at least 2021. They use tactics such as exploiting vulnerabilities and compromised RDP credentials to gain access to victim organizations. Their post-compromise activities involve deploying MeshAgent and a customized version of QuasarRAT known as PurpleInk to maintain control over infected systems. LilacSquid has been observed using tools like Secure Socket Funneling for data exfiltration.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database