Cyber Resilience

Campaign · all campaigns

J-magic CampaignC0050 unknown

aka J-magic Campaign

Last updated: 2026-07-03

0attributed CVEs
8ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

The [J-magic Campaign](https://attack.mitre.org/campaigns/C0050) was active from mid-2023 to at least mid-2024 and featured the use of the [J-magic](https://attack.mitre.org/software/S1203) backdoor, a custom cd00r variant tailored for use against Juniper routers. The [J-magic Campaign](https://attack.mitre.org/campaigns/C0050) targeted Junos OS routers serving as VPN gateways primarily in the semiconductor, energy, manufacturing, and IT sectors. (Citation: Lumen J-Magic JAN 2025)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
AC-22 / 825%
AC-32 / 825%
AC-62 / 825%
CA-72 / 825%
CM-22 / 825%
CM-62 / 825%
CM-72 / 825%
IA-92 / 825%
SI-102 / 825%
SI-32 / 825%
SI-42 / 825%
SI-72 / 825%

Co-occurring actors

None.

Similar actors