Team A and Team B: Sunburst, Teardrop and Raindrop

Microsoft analyzed the Sunburst attack (a major 2020 breach targeting SolarWinds software) and found that attackers used Cobalt Strike (a tool for command and control, letting attackers remotely direct compromised systems) alongside custom modifications to hide their backdoors in software. The attackers made each compromised system unique with different names and folder locations to avoid detection.