|
gptkbp:instanceOf
|
gptkb:cyber_espionage_campaign
|
|
gptkbp:activePeriod
|
2012-2014
2014-present
|
|
gptkbp:alsoKnownAs
|
gptkb:Uroburos_campaign
gptkb:Snake_campaign
|
|
gptkbp:attributedTo
|
gptkb:Russia
|
|
gptkbp:category
|
gptkb:Advanced_Persistent_Threat
cyber attack
state-sponsored operation
|
|
gptkbp:conductedBy
|
gptkb:Turla_group
|
|
gptkbp:discoveredBy
|
gptkb:ESET
gptkb:Kaspersky_Lab
gptkb:Symantec
|
|
gptkbp:exploits
|
gptkb:Adobe_Flash_zero-day
Internet Explorer vulnerabilities
Java vulnerabilities
Windows privilege escalation
|
|
gptkbp:firstReported
|
2014
|
|
gptkbp:infrastructure
|
encrypted communications
compromised servers
proxy networks
satellite-based C2
|
|
gptkbp:notableEvent
|
compromise of government agencies in former Soviet states
compromise of embassies in Europe and the Middle East
|
|
gptkbp:purpose
|
gptkb:cybercrime
data exfiltration
long-term persistence
|
|
gptkbp:relatedTo
|
gptkb:Snake_malware
gptkb:Turla_group
gptkb:Uroburos_malware
gptkb:Agent.BTZ
|
|
gptkbp:target
|
embassies
research institutions
government organizations
military organizations
diplomatic entities
defense contractors
|
|
gptkbp:technique
|
custom backdoors
spear phishing
watering hole attacks
zero-day exploits
|
|
gptkbp:usesMalware
|
gptkb:poetry
gptkb:Agent.BTZ
gptkb:Kazuar
Snake/Uroburos
Cobra/Carbon
Gloog
|
|
gptkbp:bfsParent
|
gptkb:TA-95
|
|
gptkbp:bfsLayer
|
5
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Epic Turla campaign
|