G0088

TEMP.Veles

Description

[TEMP.Veles](https://attack.mitre.org/groups/G0088) is a Russia-based threat group that has targeted critical infrastructure. The group has been observed utilizing [TRITON](https://attack.mitre.org/software/S0609), a malware framework designed to manipulate industrial safety systems. (Citation: FireEye TRITON 2019) (Citation: FireEye TEMP.Veles 2018) (Citation: FireEye TEMP.Veles JSON April 2019)

References

  1. https://attack.mitre.org/groups/G0088
  2. https://dragos.com/resource/xenotime/
  3. https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html
  4. https://www.fireeye.com/blog/threat-research/2019/04/triton-actor-ttp-profile-custom-attack-tools-detections.html
  5. https://www.fireeye.com/content/dam/fireeye-www/blog/files/TRITON_Appendix_C.html
  6. https://pylos.co/2019/04/12/a-xenotime-to-remember-veles-in-the-wild/

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

  1. Software: TRITON
  2. Software: TRISIS
  3. Group: RTM
  4. Group: Turla
  5. Actor: TEMPER PANDA
  6. Group: Gorgon Group

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.