216.73.217.172

LookBack

The MITRE Corporation · Published 01/03/2021 15:07 · Modified 27/03/2026 01:06 Family

Essential information

Confidence
100/100
Is family
Yes
Published
01/03/2021 15:07
Modified
27/03/2026 01:06
Revoked
No
Author / Source
The MITRE Corporation
Related entities
22 attack patterns (mitre), 1 intrusion sets (apt), 3 sectors, 53 indicators, 5 vulnerabilities (cve)

Description

[LookBack](https://attack.mitre.org/software/S0582) is a remote access trojan written in C++ that was used against at least three US utility companies in July 2019. The TALONITE activity group has been observed using [LookBack](https://attack.mitre.org/software/S0582).(Citation: Proofpoint LookBack Malware Aug 2019)(Citation: Dragos TALONITE)(Citation: Dragos Threat Report 2020)

Marking (TLP)

TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references