Statements (95)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cybercrime
|
| gptkbp:activeYearsStart |
at least 2008
|
| gptkbp:alsoKnownAs |
gptkb:Cozy_Bear
gptkb:The_Dukes |
| gptkbp:attributedTo |
gptkb:United_States_government
gptkb:United_Kingdom_government Cybersecurity firms |
| gptkbp:countryOfOrigin |
gptkb:Russia
|
| https://www.w3.org/2000/01/rdf-schema#label |
Russian hacking group APT29
|
| gptkbp:notableBattle |
gptkb:2016_Democratic_National_Committee_cyber_attacks
gptkb:NATO gptkb:SolarWinds_supply_chain_attack gptkb:Microsoft_cloud_services gptkb:UK_government_agencies European governments IT service providers US political organizations US government agencies COVID-19 vaccine research targeting US universities US defense contractors US think tanks US agriculture sector US beverage sector US chemical sector US construction sector US diplomatic entities US education sector US energy sector US entertainment sector US financial sector US food sector US healthcare sector US hospitality sector US insurance sector US law firms US manufacturing sector US media organizations US mining sector US non-profits US public administration sector US real estate sector US research institutions US retail sector US sports sector US technology companies US telecommunications sector US transportation sector US travel sector US utilities sector US waste management sector US water sector foreign ministries |
| gptkbp:notableFor |
2016
2020 2021 2023 |
| gptkbp:suspectedAffiliation |
gptkb:SVR
gptkb:Russian_Intelligence |
| gptkbp:tactics |
credential harvesting
custom malware living off the land spear phishing supply chain attacks watering hole attacks cloud service abuse multi-stage malware stealthy operations |
| gptkbp:target |
gptkb:energy
think tanks healthcare sector government organizations diplomatic entities |
| gptkbp:usesMalware |
gptkb:SeaDuke
gptkb:GoldFinger gptkb:CosmicDuke gptkb:GoldMax gptkb:MiniDuke gptkb:SUNBURST gptkb:TrailBlazer gptkb:WellMail gptkb:WellMess gptkb:HAMMERTOSS gptkb:BoomBox GoldFinder Subtlety CloudLook EnvyScout MagicSocks MagicWeb NativeZone WELLMAIL WELLMESS |
| gptkbp:bfsParent |
gptkb:2020_COVID-19_vaccine_research_hack
|
| gptkbp:bfsLayer |
7
|