ETDA: Electronic Transactions Development Agency

Threat Group Cards: A Threat Actor Encyclopedia

APT group: WildPressure

Names: WildPressure (Kaspersky)
Country: [Unknown]
Motivation: Information theft and espionage
First seen: 2019
Description: (Kaspersky) In August 2019, Kaspersky discovered a malicious campaign distributing a fully fledged C++ Trojan that we call Milum. All the victims we registered were organizations from the Middle East. At least some of them are related to industrial sector. Our Kaspersky Threat Attribution Engine (KTAE) doesn’t show any code similarities with known campaigns. Nor have we seen any target intersections. In fact, we found just three almost unique samples, all in one country. So we consider the attacks to be targeted and have currently named this operation WildPressure.
Observed:
  Sectors: Industrial, Oil and gas.
  Countries: Middle East.
Tools used: Milum.
Operations performed:
  Spring 2021: WildPressure targets the macOS platform
  <https://securelist.com/wildpressure-targets-macos/103072/>
Information: <https://securelist.com/wildpressure-targets-industrial-in-the-middle-east/96360/>

Last change to this card: 09 August 2021
