G0056 PROMETHIUM

Description

[PROMETHIUM](https://attack.mitre.org/groups/G0056) is an activity group focused on espionage that has been active since at least 2012. The group has conducted operations globally with a heavy emphasis on Turkish targets. [PROMETHIUM](https://attack.mitre.org/groups/G0056) has demonstrated similarity to another activity group called [NEODYMIUM](https://attack.mitre.org/groups/G0055) due to overlapping victim and campaign characteristics. (Citation: Microsoft NEODYMIUM Dec 2016) (Citation: Microsoft SIR Vol 21) (Citation: Talos Promethium June 2020)

References

  1. https://attack.mitre.org/groups/G0056
  2. https://blogs.technet.microsoft.com/mmpc/2016/12/14/twin-zero-day-attacks-promethium-and-neodymium-target-individuals-in-europe/
  3. http://download.microsoft.com/download/E/B/0/EB0F50CC-989C-4B66-B7F6-68CD3DC90DE3/Microsoft_Security_Intelligence_Report_Volume_21_English.pdf
  4. https://blog.talosintelligence.com/2020/06/promethium-extends-with-strongpity3.html
  5. https://www.bitdefender.com/files/News/CaseStudies/study/353/Bitdefender-Whitepaper-StrongPity-APT.pdf

Software attributed to this · 2

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Software | Truvasys s0178 | 100% | live |
| Software | StrongPity s0491 | 95% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  - Group: NEODYMIUM
  - Group: POLONIUM
  - Group: GALLIUM
  - Group: Gelsemium
  - Group: PLATINUM
  - Group: TA505

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.