SandwormSandworm

Also known as: Sandworm · Quedagh · VOODOO BEAR · TEMP.Noble · IRON VIKING · G0034 · ELECTRUM · TeleBots · IRIDIUM · Blue Echidna · FROZENBARENTS · UAC-0113 · Seashell Blizzard · UAC-0082 · APT44

Known aliases
15

Profile

This threat actor targets industrial control systems, using a tool called Black Energy, associated with electricity and power generation for espionage, denial of service, and data destruction purposes. Some believe that the threat actor is linked to the 2015 compromise of the Ukrainian electrical grid and a distributed denial of service prior to the Russian invasion of Georgia. Believed to be responsible for the 2008 DDoS attacks in Georgia and the 2015 Ukraine power grid outage

Aliases· 15

SandwormQuedaghVOODOO BEARTEMP.NobleIRON VIKINGELECTRUMTeleBotsIRIDIUMBlue EchidnaFROZENBARENTSUAC-0113Seashell BlizzardUAC-0082APT44
G0034

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Campaign
2015 Ukraine Electric Power Attack
Campaign
2016 Ukraine Electric Power Attack
Group
Sandworm Team
Actor
ENERGETIC BEAR
Actor
Gray Sandstorm
Software
BlackEnergy
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.