Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 12:57:46 UTC
Home > List all groups > List all tools > List all groups using tool Lambert
 Tool: Lambert
Names
Lambert
Plexor
Category Malware
Type Info stealer
Description
From the start, Symantec suspected Longhorn was an outlier, saying it appeared to be different
from other potential cybercrime groups. That assessment was based in part on Longhorn using
a zero-day software exploit, which Symantec found embedded within a Microsoft Word
document. The exploit delivered a data-stealing tool called Plexor.
'The malware had all the hallmarks of a sophisticated cyberespionage group,' Symantec writes.
'Aside from access to zero-day exploits, the group had preconfigured Plexor with elements that
indicated prior knowledge of the target environment.'
Information
Malpedia Last change to this tool card: 14 May 2020
Download this tool card in JSON format
All groups using tool Lambert
Changed Name Country Observed
APT groups
 ↳ Subgroup: Longhorn, The Lamberts 2009
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=ddeb02e1-da34-4b8f-aaa6-ee9cf855ddab
Page 1 of 2

Equation Group 2001-Aug 2016
2 groups listed (2 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=ddeb02e1-da34-4b8f-aaa6-ee9cf855ddab
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=ddeb02e1-da34-4b8f-aaa6-ee9cf855ddab
Page 2 of 2