Names | Scarab (Symantec) UAC-0026 (CERT-UA) | |
Country | China | |
Motivation | Information theft and espionage | |
First seen | 2012 | |
Description | (Symantec) A group of attackers, which we call Scarab, has been performing highly targeted attacks against particular Russian-speaking individuals both inside and outside of Russia since at least January 2012. In each campaign, the attackers typically target a small amount of individuals—rather than enterprises or governments—using economic, military, topical, or generic lures. On average, less than ten unique computers are infected per month and there is no indication that the attackers are trying to spread through the victim’s local network, suggesting that Scarab’s campaigns are extremely targeted in nature. | |
Observed | Countries: Russia, Syria, Ukraine, USA. | |
Tools used | Scieron. | |
Operations performed | Mar 2022 | Chinese Threat Actor Scarab Targeting Ukraine <https://www.sentinelone.com/labs/chinese-threat-actor-scarab-targeting-ukraine/> |
Information | <https://web.archive.org/web/20150124025612/http:/www.symantec.com:80/connect/blogs/scarab-attackers-took-aim-select-russian-targets-2012> |
Last change to this card: 04 April 2022
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |