KZ

YoroTrooperYoroTrooper

Also known as: Salted Earth · Sturgeon Fisher · ShadowSilk · Silent Lynx · Cavalry Werewolf · SturgeonPhisher · Comrade Saiga · YoroTrooper

Origin
KZ
Known aliases
8

Profile

YoroTrooper’s main targets are government or energy organizations in Azerbaijan, Tajikistan, Kyrgyzstan and other Commonwealth of Independent States, based on Cisco Talos analysis. YoroTrooper was also observed compromising accounts from at least two international organizations: a critical European Union health care agency and the World Intellectual Property Organization. Successful compromises also included Embassies of European countries including Azerbaijan and Turkmenistan.

Aliases· 8

Salted EarthSturgeon FisherShadowSilkSilent LynxCavalry WerewolfSturgeonPhisherComrade SaigaYoroTrooper

Known victims· 1

  • Germany

References

  1. https://blog.talosintelligence.com/attributing-yorotrooper/
  2. https://blog.talosintelligence.com/yorotrooper-espionage-campaign-cis-turkey-europe/
  3. https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Cyber-Sicherheitslage/Analysen-und-Prognosen/Threat-Intelligence/Aktive_APT-Gruppen/aktive-apt-gruppen_node.html
  4. https://www.group-ib.com/blog/shadowsilk/
  5. https://www.seqrite.com/blog/silent-lynx-apt-targeting-central-asian-entities/
  6. https://bi-zone.medium.com/cavalry-werewolf-raids-russias-public-sector-with-trusted-relationship-attacks-e19f7a5c83ef
  7. https://www.seqrite.com/blog/operation-peek-a-baku-silent-lynx-apt-dushanbe-espionage/
  8. https://ctoatncsc.substack.com/p/cto-at-ncsc-summary-week-ending-october

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Earth Yako
Actor
Void Blizzard
Actor
Worok
Actor
People's Cyber Army of Russia
Actor
GopherWhisper
Actor
Turla
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.