G0035
G0035Dragonfly
Description
[Dragonfly](https://attack.mitre.org/groups/G0035) is a cyber espionage group that has been attributed to Russia's Federal Security Service (FSB) Center 16.(Citation: DOJ Russia Targeting Critical Infrastructure March 2022)(Citation: UK GOV FSB Factsheet April 2022) Active since at least 2010, [Dragonfly](https://attack.mitre.org/groups/G0035) has targeted defense and aviation companies, government entities, companies related to industrial control systems, and critical infrastructure sectors worldwide through supply chain, spearphishing, and drive-by compromise attacks.(Citation: Symantec Dragonfly)(Citation: Secureworks IRON LIBERTY July 2019)(Citation: Symantec Dragonfly Sept 2017)(Citation: Fortune Dragonfly 2.0 Sept 2017)(Citation: Gigamon Berserk Bear October 2021)(Citation: CISA AA20-296A Berserk Bear December 2020)(Citation: Symantec Dragonfly 2.0 October 2017)
References
- https://attack.mitre.org/groups/G0035
- https://www.cisa.gov/uscert/ncas/alerts/aa20-296a#revisions
- https://www.justice.gov/opa/pr/four-russian-government-employees-charged-two-historical-hacking-campaigns-targeting-critical
- https://www.dragos.com/threat/dymalloy/
- http://fortune.com/2017/09/06/hack-energy-grid-symantec/
- https://www.mandiant.com/resources/ukraine-crisis-cyber-threats
- https://www.secureworks.com/research/mcmd-malware-analysis
- https://www.secureworks.com/research/resurgent-iron-liberty-targeting-energy-sector
- https://www.secureworks.com/research/updated-karagany-malware-targets-energy-sector
- https://vblocalhost.com/uploads/VB2021-Slowik.pdf
Software attributed to this1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Software | Trojan.Karaganys0094 | 100% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.