APT Profile – APT 29
Stealth at Scale
- 23 February 2023
- Zettl-Schabath, Kerstin; Bund, Jakob; Gschwend, Timothy; Borrett, Camille
- EN
About APT29
APT29 is a state-integrated hacking group (foreign intelligence service/agency members):
The aforementioned industry and government sources characterise APT29 as a direct agent of the Russian state, as part of the foreign intelligence service SVR. The operations are most often directed against Western societies labeled by the Russian government as “unfriendly states,” with targets based in the US, UK, and across the EU. The technical sophistication and target selection of the group (see below) are strong indicators of its state integration (especially integration into secret services).
Associated APT designations
- CozyDuke (F-Secure)
- UNC2452/APT29 (FireEye/Mandiant)
- Cozy Bear (CrowdStrike)
- IRON HEMLOCK/IRON RITUAL (Secureworks)
- NOBELIUM (Microsoft)
- Dukes (Kaspersky/CrySyS Lab/Volexity/ESET)
- Cloaked Ursa (Palo Alto)
- Fritillary (Symantec)
- G0016 (MITRE ATT&CK)
Country of origin
Period of activity
From at least 2008 to today
Further industry reporting by SEKOIA.IO indicates the group may have started operations as early as 2004.