G1005 POLONIUM

Description

[POLONIUM](https://attack.mitre.org/groups/G1005) is a Lebanon-based group that has primarily targeted Israeli organizations, including critical manufacturing, information technology, and defense industry companies, since at least February 2022. Security researchers assess [POLONIUM](https://attack.mitre.org/groups/G1005) has coordinated their operations with multiple actors affiliated with Iran’s Ministry of Intelligence and Security (MOIS), based on victim overlap as well as common techniques and tooling. (Citation: Microsoft POLONIUM June 2022)

References

  1. https://attack.mitre.org/groups/G1005
  2. https://www.microsoft.com/security/blog/2022/06/02/exposing-polonium-activity-and-infrastructure-targeting-israeli-organizations/

Software attributed to this · 2

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Software | CreepySnails 1024 | 100% | live |
| Software | CreepyDrives 1023 | 95% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

- Group: Moses Staff
- Group: PROMETHIUM
- Group: HEXANE
- Actor: Group5
- Group: Molerats
- Group: PLATINUM

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.