REF2924 is a threat actor attributed to CN. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does REF2924 exploit?

Specific CVE exploitation data for REF2924 is being tracked. Check the Strobes VI threat actor profile for updates.

REF2924

Exploited CVEs

Overview

A group monitored as REF2924 by Elastic Security Labs is wielding novel data-stealing malware — an HTTP listener written in C# dubbed Naplistener by the researchers — in attacks against victims operating in southern and southeast Asia.According to a blog post by Elastic senior security research engineer Remco Sprooten, in that region of the world, network-based detection and prevention technologies are the de facto method for securing many environments.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database