Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 17:54:15 UTC
 Tool: Ebury
Names Ebury
Category Malware
Type Backdoor, Credential stealer, Botnet
Description (ESET) An OpenSSH backdoor used to keep control of the servers and steal credentials.
Information
MITRE ATT&CK Malpedia AlienVault OTX Last change to this tool card: 18 June 2024
Download this tool card in JSON format
All groups using tool Ebury
Changed Name Country Observed
Other groups
 Operation Windigo 2011-Mar 2017
1 group listed (0 APT, 1 other, 0 unknown)
↑
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=6e2c66f6-347d-427f-929e-425e298bb480
Page 1 of 2

Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=6e2c66f6-347d-427f-929e-425e298bb480
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=6e2c66f6-347d-427f-929e-425e298bb480
Page 2 of 2

Other groups Operation Windigo 2011-Mar 2017 
1 group listed (0 APT, 1 other, 0 unknown) 
↑   
   Page 1 of 2