ItaDukeItaDuke

Also known as: ItaDuke · DarkUniverse · SIG27

Known aliases
3

Profile

ItaDuke is an actor known since 2013. It used PDF exploits for dropping malware and Twitter accounts to store C2 server urls. On 2018, an actor named DarkUniverse, which was active between 2009 to 2017, was attributed to this ItaDuke by Kaspersky.

Aliases· 3

ItaDukeDarkUniverseSIG27

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
APT29
Software
GeminiDuke
Actor
TA2719
Actor
DarkHotel
Actor
UAC-0227
Actor
APT-C-27
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.