G1018

G1018TA2541

Description

[TA2541](https://attack.mitre.org/groups/G1018) is a cybercriminal group that has been targeting the aviation, aerospace, transportation, manufacturing, and defense industries since at least 2017. [TA2541](https://attack.mitre.org/groups/G1018) campaigns are typically high volume and involve the use of commodity remote access tools obfuscated by crypters and themes related to aviation, transportation, and travel.(Citation: Proofpoint TA2541 February 2022)(Citation: Cisco Operation Layover September 2021)

References

  1. https://attack.mitre.org/groups/G1018
  2. https://www.proofpoint.com/us/blog/threat-insight/charting-ta2541s-flight
  3. https://blog.talosintelligence.com/operation-layover-how-we-tracked-attack/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Group
LazyScripter
Group
APT18
Group
APT17
Group
TA551
Group
Chimera
Group
FIN10
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.