|
gptkbp:instanceOf
|
cybercrime
Advanced Persistent Threat
|
|
gptkbp:activeYearsStart
|
at least 2004
|
|
gptkbp:alsoKnownAs
|
gptkb:Waterbug
gptkb:Dragon
gptkb:Uroburos
Venomous Bear
|
|
gptkbp:area
|
gptkb:Asia
gptkb:Europe
gptkb:Middle_East
gptkb:United_States
|
|
gptkbp:category
|
cybercrime
state-sponsored hacking group
|
|
gptkbp:connectsTo
|
gptkb:FSB
gptkb:Russian_intelligence
Russian military
|
|
gptkbp:countryOfOrigin
|
gptkb:Russia
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Turla APT
|
|
gptkbp:notableFor
|
2014
2018
2023
|
|
gptkbp:notableOperation
|
attacks on European governments
attacks on embassies
attacks on energy sector
attacks on research institutions
attacks on defense contractors
compromise of US Central Command
|
|
gptkbp:publiclyReportedBy
|
gptkb:Microsoft
gptkb:NSA
gptkb:US_Department_of_Justice
gptkb:ESET
gptkb:FireEye
gptkb:Kaspersky_Lab
gptkb:GCHQ
gptkb:Symantec
|
|
gptkbp:suspect
|
gptkb:FSB
gptkb:Russian_government
|
|
gptkbp:target
|
gptkb:energy
research institutions
government organizations
military organizations
diplomatic entities
|
|
gptkbp:technique
|
custom malware
living off the land
spear phishing
watering hole attacks
credential theft
lateral movement
satellite-based C2
|
|
gptkbp:usesMalware
|
gptkb:ICEDCOFFEE
gptkb:IronNetInjector
gptkb:Snake_rootkit
gptkb:WhiteBear
gptkb:Dragon
gptkb:HyperStack
gptkb:Metastase
gptkb:Neptun
gptkb:Agent.BTZ
gptkb:ComRAT
gptkb:Epic_Turla
gptkb:Gazer
gptkb:Kazuar
gptkb:Kopiluwak
gptkb:Uroburos
gptkb:Carbon
gptkb:Skipper
Crutch
|
|
gptkbp:bfsParent
|
gptkb:Kopiluwak_malware
|
|
gptkbp:bfsLayer
|
6
|