A Russian group that collects intelligence on the energy industry.
http://www.netresec.com/?page=Blog&month=2014-10&post=Full-Disclosure-of-Havex-Trojans
|
http://www.scmagazineuk.com/iran-and-russia-blamed-for-state-sponsored-espionage/article/330401/
|
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf
|
https://attack.mitre.org/groups/G0035/
|
https://dragos.com/wp-content/uploads/CrashOverride-01.pdf
|
1
https://github.com/wso-shell
|
1
https://insights.sei.cmu.edu/cert/2019/03/api-hashing-tool-imagine-that.html
|
1
https://securelist.com/energetic-bear-crouching-yeti/85345/
|
https://ssu.gov.ua/sbu/control/uk/publish/article?art_id=170951&cat_i=39574
|
https://threatpost.com/energy-watering-hole-attack-used-lightsout-exploit-kit/104772/
|
https://www.cfr.org/interactive/cyber-operations/crouching-yeti
|
1
https://www.f-secure.com/weblog/archives/00002718.html
|
https://www.independent.ie/irish-news/statesponsored-hackers-targeted-eirgrid-electricity-network-in-devious-attack-36005921.html
|
https://www.kaspersky.com/resource-center/threats/crouching-yeti-energetic-bear-malware-threat
|
https://www.reuters.com/article/us-ukraine-cyber-attack-energy-idUSKBN1521BA
|
https://www.riskiq.com/blog/labs/energetic-bear/
|
https://www.sans.org/reading-room/whitepapers/ICS/impact-dragonfly-malware-industrial-control-systems-36672
|
https://www.secureworks.com/research/resurgent-iron-liberty-targeting-energy-sector
|
1
https://www.secureworks.com/research/updated-karagany-malware-targets-energy-sector
|
https://www.symantec.com/blogs/threat-intelligence/dragonfly-energy-sector-cyber-attacks
|
4
https://www.symantec.com/connect/blogs/dragonfly-western-energy-sector-targeted-sophisticated-attack-group
|