สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency

Report

Home > List all groups > [Unnamed groups: Russia]

Threat Group Cards: A Threat Actor Encyclopedia

APT group: [Unnamed groups: Russia]

Names	[Unnamed groups: Russia] (?)
Country	Russia
Motivation	Information theft and espionage, Financial gain, Sabotage and destruction
First seen	2014
Description	These are reported APT activities attributed to a country, but not to an individual threat group.
Observed	Sectors: Financial. Countries: Australia, Singapore, USA and Worldwide.
Tools used
Operations performed	2014	Yahoo hit with a Massive 500 Million Account Data Breach <https://www.bleepingcomputer.com/news/business/yahoo-hit-with-a-massive-500-million-account-data-breach/>
	Jun 2018	Russian Attacks Against Singapore Spike During Trump-Kim Summit <https://www.f5.com/labs/articles/threat-intelligence/russian-attacks-against-singapore-spike-during-trump-kim-summit>
	Jun 2022	Russian hackers may be behind Texas natural gas plant explosion: report <https://americanmilitarynews.com/2022/06/russian-hackers-may-be-behind-texas-natural-gas-plant-explosion-report/>
	Oct 2022	Medibank cyber incident <https://www.medibank.com.au/livebetter/newsroom/post/medibank-cyber-incident> <https://www.bankinfosecurity.com/medibank-hackers-dump-stolen-on-dark-web-a-20604>
Counter operations	Mar 2017	US Charges Four Hackers in Yahoo 2014 Security Breach, Including Two FSB Agents <https://www.bleepingcomputer.com/news/security/us-charges-four-hackers-in-yahoo-2014-security-breach-including-two-fsb-agents/>
	Mar 2022	Justice Department Announces Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate (GRU) <https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-disruption-botnet-controlled-russian-federation>
	Jun 2022	Russian Botnet Disrupted in International Cyber Operation <https://www.justice.gov/usao-sdca/pr/russian-botnet-disrupted-international-cyber-operation>
	Jan 2024	Australia, US, UK Sanction Russian Over 2022 Medibank Breach <https://www.bankinfosecurity.com/australia-us-uk-sanction-russian-over-2022-medibank-breach-a-24163>
	Feb 2024	Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU) <https://www.justice.gov/opa/pr/justice-department-conducts-court-authorized-disruption-botnet-controlled-russian>
	Feb 2024	Russia arrests three alleged SugarLocker ransomware members <https://therecord.media/russia-arrests-sugarlocker-ransomware-members>
Information	<https://www.cisa.gov/news-events/alerts/2018/03/15/russian-government-cyber-activity-targeting-energy-and-other-critical> <https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-110a> <https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-116a> <https://www.cisa.gov/uscert/ncas/alerts/aa22-011a> <https://www.cisa.gov/uscert/ncas/alerts/aa22-074a> <https://www.cisa.gov/uscert/ncas/alerts/aa22-083a> <https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a> <https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-057a> <https://research.checkpoint.com/2019/russianaptecosystem/>

Last change to this card: 13 March 2024

Download this actor card in PDF or JSON format

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Report incidents

+66 (0)2-123-1227

[email protected]