Statements (50)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cyber espionage campaign
|
| gptkbp:activePeriod |
2012-2014
2014-present |
| gptkbp:alsoKnownAs |
gptkb:Uroburos_campaign
gptkb:Snake_campaign |
| gptkbp:attributedTo |
gptkb:Russia
|
| gptkbp:category |
Advanced Persistent Threat
cyber attack state-sponsored operation |
| gptkbp:conductedBy |
gptkb:Turla_group
|
| gptkbp:discoveredBy |
gptkb:ESET
gptkb:Kaspersky_Lab gptkb:Symantec |
| gptkbp:exploits |
gptkb:Adobe_Flash_zero-day
Internet Explorer vulnerabilities Java vulnerabilities Windows privilege escalation |
| gptkbp:firstReported |
2014
|
| https://www.w3.org/2000/01/rdf-schema#label |
Epic Turla campaign
|
| gptkbp:infrastructure |
encrypted communications
compromised servers proxy networks satellite-based C2 |
| gptkbp:notableEvent |
compromise of government agencies in former Soviet states
compromise of embassies in Europe and the Middle East |
| gptkbp:purpose |
cybercrime
data exfiltration long-term persistence |
| gptkbp:relatedTo |
gptkb:Snake_malware
gptkb:Turla_group gptkb:Uroburos_malware gptkb:Agent.BTZ |
| gptkbp:target |
embassies
research institutions government organizations military organizations diplomatic entities defense contractors |
| gptkbp:technique |
custom backdoors
spear phishing watering hole attacks zero-day exploits |
| gptkbp:usesMalware |
gptkb:poetry
gptkb:Agent.BTZ gptkb:Kazuar Snake/Uroburos Cobra/Carbon Gloog |
| gptkbp:bfsParent |
gptkb:TA-95
|
| gptkbp:bfsLayer |
5
|