Russian hacking group APT29

GPTKB entity

Statements (95)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:activeYearsStart at least 2008
gptkbp:alsoKnownAs gptkb:Cozy_Bear
    gptkb:The_Dukes
gptkbp:attributedTo gptkb:United_States_government
    gptkb:United_Kingdom_government
    Cybersecurity firms
gptkbp:countryOfOrigin gptkb:Russia
https://www.w3.org/2000/01/rdf-schema#label Russian hacking group APT29
gptkbp:notableBattle gptkb:2016_Democratic_National_Committee_cyber_attacks
    gptkb:NATO
    gptkb:SolarWinds_supply_chain_attack
    gptkb:Microsoft_cloud_services
    gptkb:UK_government_agencies
    European governments
    IT service providers
    US political organizations
    US government agencies
    COVID-19 vaccine research targeting
    US universities
    US defense contractors
    US think tanks
    US agriculture sector
    US beverage sector
    US chemical sector
    US construction sector
    US diplomatic entities
    US education sector
    US energy sector
    US entertainment sector
    US financial sector
    US food sector
    US healthcare sector
    US hospitality sector
    US insurance sector
    US law firms
    US manufacturing sector
    US media organizations
    US mining sector
    US non-profits
    US public administration sector
    US real estate sector
    US research institutions
    US retail sector
    US sports sector
    US technology companies
    US telecommunications sector
    US transportation sector
    US travel sector
    US utilities sector
    US waste management sector
    US water sector
    foreign ministries
gptkbp:notableFor 2016
    2020
    2021
    2023
gptkbp:suspectedAffiliation gptkb:SVR
    gptkb:Russian_Intelligence
gptkbp:tactics credential harvesting
    custom malware
    living off the land
    spear phishing
    supply chain attacks
    watering hole attacks
    cloud service abuse
    multi-stage malware
    stealthy operations
gptkbp:target gptkb:energy
    think tanks
    healthcare sector
    government organizations
    diplomatic entities
gptkbp:usesMalware gptkb:SeaDuke
    gptkb:GoldFinger
    gptkb:CosmicDuke
    gptkb:GoldMax
    gptkb:MiniDuke
    gptkb:SUNBURST
    gptkb:TrailBlazer
    gptkb:WellMail
    gptkb:WellMess
    gptkb:HAMMERTOSS
    gptkb:BoomBox
    GoldFinder
    Subtlety
    CloudLook
    EnvyScout
    MagicSocks
    MagicWeb
    NativeZone
    WELLMAIL
    WELLMESS
gptkbp:bfsParent gptkb:2020_COVID-19_vaccine_research_hack
gptkbp:bfsLayer 7