Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 12:59:08 UTC
 Tool: reGeorg
Names reGeorg
Category Tools
Type Backdoor, Tunneling
Description
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through
the DMZ. Pivot and pwn.
Information
MITRE ATT&CK Malpedia AlienVault OTX Last change to this tool card: 28 June 2025
Download this tool card in JSON format
All groups using tool reGeorg
Changed Name Country Observed
APT groups
 APT 29, Cozy Bear, The Dukes 2008-Feb 2025
 Cadet Blizzard 2020-Jun 2024
 Dalbit 2022
 Elephant Beetle [Unknown] 2020
 Gelsemium 2014-2023
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=bdd03dfa-f700-4573-b490-d895d4641e61
Page 1 of 2

Iridium 2018-Dec 2018  
  TaskMasters 2010-May 2021  
  Worok 2020  
8 groups listed (8 APT, 0 other, 0 unknown)
↑
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=bdd03dfa-f700-4573-b490-d895d4641e61
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=bdd03dfa-f700-4573-b490-d895d4641e61
Page 2 of 2