Cozy Bear

GPTKB entity

Statements (75)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:activeYearsStart 2008
gptkbp:allegedInvolvement gptkb:SVR
gptkb:Russian_Foreign_Intelligence_Service
gptkbp:alsoKnownAs gptkb:APT29
gptkb:The_Dukes
gptkbp:attributedTo gptkb:United_States_government
gptkb:United_Kingdom_government
cybersecurity firms
gptkbp:category cybercrime
espionage
Advanced Persistent Threat
gptkbp:countryOfOrigin gptkb:Russia
https://www.w3.org/2000/01/rdf-schema#label Cozy Bear
gptkbp:industry gptkb:energy
gptkb:government
gptkb:military
healthcare
research
think tanks
diplomatic
gptkbp:majorCity gptkb:Czech_Republic
gptkb:Germany
gptkb:Netherlands
gptkb:Norway
gptkb:Poland
gptkb:Ukraine
gptkb:United_Kingdom
gptkb:United_States
gptkbp:notableBattle gptkb:2016_DNC_hack
gptkb:SolarWinds_supply_chain_attack
COVID-19 vaccine research targeting
gptkbp:notableFor gptkb:2016_Democratic_National_Committee_cyber_attacks
gptkb:SolarWinds_cyberattack
cybercrime
targeting energy sector
targeting COVID-19 vaccine research
targeting governments
targeting think tanks
gptkbp:relatedTo gptkb:Russian_intelligence_agencies
gptkb:Fancy_Bear
gptkbp:uses phishing
backdoors
spear-phishing
credential harvesting
custom malware
gptkbp:usesMalware gptkb:SeaDuke
gptkb:Cobalt_Strike
gptkb:Mimikatz
gptkb:Zebrocy
gptkb:CloudAtlas
gptkb:CloudDuke
gptkb:CosmicDuke
gptkb:CozyDuke
gptkb:DuneDuke
gptkb:FatDuke
gptkb:GoldMax
gptkb:MagicDuke
gptkb:MiniDionis
gptkb:MiniDuke
gptkb:OnionDuke
gptkb:PinchDuke
gptkb:PolyglotDuke
gptkb:PowerDuke
gptkb:SUNBURST
gptkb:Sibot
gptkb:TrailBlazer
gptkb:WellMail
gptkb:WellMess
DNC hack tools
GoldFinder
HammerDuke
TwistedDuke
gptkbp:bfsParent gptkb:2016_email_leak
gptkbp:bfsLayer 5