Operation EmmentalOperation Emmental

Also known as: Operation Emmental · Retefe Gang · Retefe Group

Known aliases
3

Profile

Operation Emmental, also known as the Retefe gang, is a threat actor group that has been active since at least 2012. They primarily target customers of banks in countries such as Austria, Sweden, Switzerland, and Japan. The group has developed sophisticated malware, including a Mac alternative called Dok, to bypass two-factor authentication and hijack network traffic. They have also been observed using phishing emails to spread their malware. The group is believed to be Russian-speaking and has continuously improved their malicious codes over the years.

Aliases· 3

Operation EmmentalRetefe GangRetefe Group

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
RTM
Actor
Denim Tsunami
Actor
Dalbit
Actor
Operation Ghoul
Actor
UAC-0184
Actor
TA829
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.