Sandworm

MITRE G0034
Also known as APT44, Seashell Blizzard, APT34, HEXANE, Unit 74455
Reports
9
First seen
Nov 6
Last seen
Jun 4
Motivation
espionage, disruptive cyber operations against spor, disruption

Targeting

Sectors
other ×2, energy utilities ×2
Victim regions
Poland ×2

Top ATT&CK techniques

T1190 Exploit Public-Facing Application ×6
T1566 Phishing ×6
T1486 Data Encrypted for Impact ×6
T1561 Disk Wipe ×5
T1041 Exfiltration Over C2 Channel ×3
T1195 Supply Chain Compromise ×3
T1133 External Remote Services ×2
T1598 Phishing for Information ×2
T1059.001 Command and Scripting Interpreter: PowerShell ×2
T1003 OS Credential Dumping ×2
T1021 Remote Services ×2
T1557 Adversary-in-the-Middle ×2

Indicators

cve ×12, filename ×12, domain ×9, hash_sha1 ×1, ip_v4 ×1

Associated CVEs

Recent reports

This page shows data on a 7-day delay.