Turla

MITRE G0010Also known as Secret Blizzard, Venomous Bear, Waterbug, Snake, ATG26, Blue Python, Iron Hunter, Pensive Ursa, SUMMIT, Uroburos, WRAITH
Reports
8
First seen
Oct 1
Last seen
Jun 26
Motivation
espionage, cyberespionage, espionage, credential collection

Targeting

Sectors
government ×4
Victim regions
Ukraine ×4

Top ATT&CK techniques

T1566 Phishing ×7T1547 Boot or Logon Autostart Execution ×4T1005 Data from Local System ×4T1598 Phishing for Information ×3T1071 Application Layer Protocol ×3T1041 Exfiltration Over C2 Channel ×3T1059.001 PowerShell ×3T1105 Ingress Tool Transfer ×3T1071.001 Application Layer Protocol: Web Protocols ×2T1082 System Information Discovery ×2T1557 Adversary-in-the-Middle ×2T1566.002 Phishing: Spearphishing Attachment ×2

Indicators

domain ×21cve ×8

Indicator values are available on Pro and via the API.

Associated CVEs

Recent reports

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.