G0074 Dragonfly 2.0

Description

[Dragonfly 2.0](https://attack.mitre.org/groups/G0074) is a suspected Russian group that has targeted government entities and multiple U.S. critical infrastructure sectors since at least December 2015. (Citation: US-CERT TA18-074A) (Citation: Symantec Dragonfly Sept 2017) The extent of overlap between [Dragonfly 2.0](https://attack.mitre.org/groups/G0074) and [Dragonfly](https://attack.mitre.org/groups/G0035) is debated, but there is sufficient evidence to track them as two separate groups. (Citation: Fortune Dragonfly 2.0 Sept 2017) (Citation: Dragos DYMALLOY)

References

  1. https://attack.mitre.org/groups/G0074
  2. https://www.dragos.com/threat/dymalloy/
  3. http://fortune.com/2017/09/06/hack-energy-grid-symantec/
  4. https://www.secureworks.com/research/mcmd-malware-analysis
  5. https://www.secureworks.com/research/threat-profiles/iron-liberty
  6. https://www.symantec.com/connect/blogs/dragonfly-western-energy-sector-targeted-sophisticated-attack-group
  7. https://www.us-cert.gov/ncas/alerts/TA18-074A

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. Dragonfly (Group)
  2. Inception (Group)
  3. Sandworm Team (Group)
  4. Sowbug (Group)
  5. Aoqin Dragon (Group)
  6. Suckfly (Group)

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.