TiltedTemple
Intelligence Profile
One of their notable tools is a custom backdoor called SockDetour, which operates filelessly and socketlessly on compromised Windows servers. The group's activities have been linked to the exploitation of vulnerabilities in Zoho ManageEngine ADSelfService Plus and ServiceDesk Plus.
Threat Analysis
TiltedTemple is a threat actor of known sophistication attributed to China and engaged in cyber operations; its primary motivation and activity patterns are unknown.
Known Campaigns
TiltedTemple is a threat actor of unknown motivation attributed to China. One of their notable tools is a custom backdoor called SockDetour, which operates filelessly and socketlessly on compromised Windows servers. The group's activities have been linked to the exploitation of vulnerabilities in Zoho ManageEngine ADSelfService Plus and ServiceDesk Plu...