J-magic Campaign (C0050)
Auto-surfaced MITRE campaign. This page renders directly from MITRE ATT&CK data; no curated narrative or verified victim list. See /incidents.html for the curated landmark layer.
Active: ?-? · Run by: parent actor unknown · 0 attributed CVE(s) · 8 technique(s).
MITRE description
The [J-magic Campaign](https://attack.mitre.org/campaigns/C0050) was active from mid-2023 to at least mid-2024 and featured the use of the [J-magic](https://attack.mitre.org/software/S1203) backdoor, a custom cd00r variant tailored for use against Juniper routers. The [J-magic Campaign](https://attack.mitre.org/campaigns/C0050) targeted Junos OS routers serving as VPN gateways primarily in the semiconductor, energy, manufacturing, and IT sectors. (Citation: Lumen J-Magic JAN 2025)