Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 22:21:40 UTC
Home > List all groups > List all tools > List all groups using tool Saitama
 Tool: Saitama
Names
Saitama
Saitama Backdoor
AMATIAS
Category Malware
Type Backdoor
Description
(Malwarebytes) Saitama backdoor abuses the DNS protocol for its command and control
communications. This is stealthier than other communication methods, such as HTTP. Also,
the actor cleverly uses techniques such as compression and long random sleep times. They
employed these tricks to disguise malicious traffic in between legitimate traffic.
Information
Malpedia Last change to this tool card: 30 November 2023
Download this tool card in JSON format
All groups using tool Saitama
Changed Name Country Observed
APT groups
 OilRig, APT 34, Helix Kitten, Chrysene 2014-Sep 2024
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=c6b4335f-c2fe-4109-971f-12c06e9ec7ef
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=c6b4335f-c2fe-4109-971f-12c06e9ec7ef
Page 1 of 1