ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Home > List all groups > Scarab

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link APT group: Scarab

NamesScarab (Symantec)
UAC-0026 (CERT-UA)
CountryChina China
MotivationInformation theft and espionage
First seen2012
Description(Symantec) A group of attackers, which we call Scarab, has been performing highly targeted attacks against particular Russian-speaking individuals both inside and outside of Russia since at least January 2012. In each campaign, the attackers typically target a small amount of individuals—rather than enterprises or governments—using economic, military, topical, or generic lures. On average, less than ten unique computers are infected per month and there is no indication that the attackers are trying to spread through the victim’s local network, suggesting that Scarab’s campaigns are extremely targeted in nature.
ObservedCountries: Russia, Syria, Ukraine, USA.
Tools usedScieron.
Operations performedMar 2022Chinese Threat Actor Scarab Targeting Ukraine

Last change to this card: 04 April 2022

Download this actor card in PDF or JSON format

Previous: Sandworm Team, Iron Viking, Voodoo Bear
Next: Scarlet Mimic

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]