S0502Linux

S0502Drovorub

Platforms
1
ATT&CK
14.1
References
2

Description

[Drovorub](https://attack.mitre.org/software/S0502) is a Linux malware toolset comprised of an agent, client, server, and kernel modules, that has been used by [APT28](https://attack.mitre.org/groups/G0007).(Citation: NSA/FBI Drovorub August 2020) Documented platforms: Linux. Attributed to ATT&CK group: APT28. Catalogued in ATT&CK 14.1. 2 references curated.

Platforms· 1

Linux

Attributed to1

TypeTargetConfidenceTier
GroupAPT28g000795%live

References

  1. https://attack.mitre.org/software/S0502
  2. https://media.defense.gov/2020/Aug/13/2002476465/-1/-1/0/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
SDBbot
Software
Zebrocy
Software
Uroburos
Software
OnionDuke
Software
DDKONG
Software
TrailBlazer
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.