Trojan:Win32/ForestTiger.A!dha
Detected by Microsoft Defender Antivirus
Aliases: No associated aliases
Summary
Trojan:Win32/ForestTiger.A!dha is a backdoor trojan used by the state-sponsored Diamond Sleet group. This trojan was deployed in conjunction with CVE-2023-42793, an authentication bypass vulnerability in JetBrains TeamCity.
To mitigate the issue, follow these steps:
- Isolate the affected device from the network.
- Conduct a thorough investigation of the network to identify any other compromised systems, because this detection is indicative of an APT attack.