G0112

G0112Windshift

Description

[Windshift](https://attack.mitre.org/groups/G0112) is a threat group that has been active since at least 2017, targeting specific individuals for surveillance in government departments and critical infrastructure across the Middle East.(Citation: SANS Windshift August 2018)(Citation: objective-see windtail1 dec 2018)(Citation: objective-see windtail2 jan 2019)

References

  1. https://attack.mitre.org/groups/G0112
  2. https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1554718868.pdf
  3. https://objective-see.com/blog/blog_0x3B.html
  4. https://objective-see.com/blog/blog_0x3D.html

Software attributed to this1

TypeTargetConfidenceTier
SoftwareWindTails046695%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Group
Sidewinder
Group
WIRTE
Group
Molerats
Group
HEXANE
Group
BackdoorDiplomacy
Group
Volatile Cedar
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.