In mid-August, the Sophos X-Ops Incident Response team was brought in to address a cyber incident impacting a telecommunications company. Shortly after, when the customer was onboarded to Sophos MDR services, a detection was generated for the creation of a Cloudflared tunneling service from a suspicious path. The resulting investigation led Sophos MDR Ops analysts and SophosLabs researchers to uncover a backdoor that uses a loading function similar to one previously seen in the TinyTurla backdoor.

#ThreatIntel #TinyTurla #NotSoTinyTurla #SophosXops