Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 15:04:46 UTC
Home > List all groups > List all tools > List all groups using tool SlowStepper
 Tool: SlowStepper
Names SlowStepper
Category Malware
Type Backdoor
Description
(ESET) SlowStepper is a backdoor developed in C++ with extensive use of object-oriented
programming in the C&C communications code. Although the code contains hundreds of
functions, the particular variant used in the supply-chain compromise of the IPany VPN
software appears to be version 0.2.10 Lite, according to the backdoor’s code. The so-called
“Lite” version indeed contains fewer features than other previous and newer versions.
Information
Last change to this tool card: 22 February 2025
Download this tool card in JSON format
All groups using tool SlowStepper
Changed Name Country Observed
APT groups
 PlushDaemon 2019
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=86abc5a6-6ecf-45d7-9c00-fe7557d6b6db
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=86abc5a6-6ecf-45d7-9c00-fe7557d6b6db
Page 1 of 1