G0048

G0048RTM

Description

[RTM](https://attack.mitre.org/groups/G0048) is a cybercriminal group that has been active since at least 2015 and is primarily interested in users of remote banking systems in Russia and neighboring countries. The group uses a Trojan by the same name ([RTM](https://attack.mitre.org/software/S0148)). (Citation: ESET RTM Feb 2017)

References

  1. https://attack.mitre.org/groups/G0048
  2. https://www.welivesecurity.com/wp-content/uploads/2017/02/Read-The-Manual.pdf

Software attributed to this1

TypeTargetConfidenceTier
SoftwareRTMs0148100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Group
GCMAN
Group
Cobalt Group
Group
TA459
Group
Silence
Group
Gamaredon Group
Group
Turla
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.