| SYMBOL | COMMON_NAME | aka. SYNONYMS |
The Equation Group is a highly sophisticated threat actor described by its discoverers at Kaspersky Labs as one of the most sophisticated cyber attack groups in the world, operating alongside but always from a position of superiority with the creators of Stuxnet and Flame
| 2022-05-11 ⋅ ExaTrack ⋅ Tricephalic Hellkeeper: a tale of a passive backdoor BPFDoor Bvp47 Uroburos |
| 2022-04-11 ⋅ Pangu Lab ⋅ Bvp47 Technical Details Report II Bvp47 |
| 2022-02-23 ⋅ The Hacker News ⋅ Chinese Experts Uncover Details of Equation Group's Bvp47 Covert Hacking Tool Bvp47 |
| 2022-02-23 ⋅ Bleeping Computer ⋅ NSA-linked Bvp47 Linux backdoor widely undetected for 10 years Bvp47 |
| 2022-02-23 ⋅ Pangu Lab ⋅ The Bvp47 - a Top-tier Backdoor of US NSA Equation Group Bvp47 |
| 2022-02-22 ⋅ Pangu Lab ⋅ Bvp47 - Top-tier Backdoor of US NSA Equation Group Bvp47 |
| 2022-01-21 ⋅ Twitter (@_CPResearch_) ⋅ Tweet on WhiteLambert malware Lambert |
| 2021-12-27 ⋅ A Deep Dive into DoubleFeature, Equation Group’s Post-Exploitation Dashboard Equationgroup (Sorting) Fanny MISTYVEAL PeddleCheap |
| 2021-12-01 ⋅ ESET Research ⋅ Jumping the air gap: 15 years of nation‑state effort Agent.BTZ Fanny Flame Gauss PlugX Ramsay Retro Stuxnet USBCulprit USBferry |
| 2021-10-01 ⋅ Objective-See ⋅ Made In America: Green Lambert for OS X Lambert |
| 2021-06-10 ⋅ ESET Research ⋅ BackdoorDiplomacy: Upgrading from Quarian to Turian CHINACHOPPER DoublePulsar EternalRocks turian BackdoorDiplomacy |
| 2021-02-05 ⋅ EpicTurla ⋅ Voltron STA The curious case of 0xFancyFilter fancyfilter MISTYVEAL Regin |
| 2020-09-28 ⋅ fmmresearch wordpress ⋅ The Emerald Connection: Equation Group collaboration with Stuxnet Fanny Stuxnet |
| 2020-09-28 ⋅ fmmresearch wordpress ⋅ The Emerald Connection: EquationGroup collaboration with Stuxnet Fanny Stuxnet |
| 2020-09-10 ⋅ Kaspersky Labs ⋅ An overview of targeted attacks and APTs on Linux Cloud Snooper Dacls DoubleFantasy MESSAGETAP Penquin Turla Tsunami elf.wellmess X-Agent |
| 2020-08-27 ⋅ fmnagisa wordpress ⋅ Revisiting EquationGroup’s FANNY… or is it DEMENTIAWHEEL? DoubleFantasy Fanny |
| 2020-08-15 ⋅ Twitter (@Int2e_) ⋅ Tweet on DoubleFantasy DoubleFantasy |
| 2020-05-07 ⋅ Twitter (@ESETresearch) ⋅ Tweet on PeddleCheap packed with Winnti packer PeddleCheap |
| 2020-02-13 ⋅ Qianxin ⋅ APT Report 2019 Chrysaor Exodus Dacls VPNFilter DNSRat Griffon KopiLuwak More_eggs SQLRat AppleJeus BONDUPDATER Agent.BTZ Anchor AndroMut AppleJeus BOOSTWRITE Brambul Carbanak Cobalt Strike Dacls DistTrack DNSpionage Dtrack ELECTRICFISH FlawedAmmyy FlawedGrace Get2 Grateful POS HOPLIGHT Imminent Monitor RAT jason Joanap KerrDown KEYMARBLE Lambert LightNeuron LoJax MiniDuke PolyglotDuke PowerRatankba Rising Sun SDBbot ServHelper Snatch Stuxnet TinyMet tRat TrickBot Volgmer X-Agent Zebrocy |
| 2020 ⋅ Secureworks ⋅ PLATINUM TERMINAL TalentRAT Equation Group |
| 2019-11-08 ⋅ Wikipedia ⋅ Wikipedia Entry on Equation Group Equation Group |
| 2019-09-30 ⋅ Qianxin ⋅ Analysis and disclosure of the CIA's cyber arsenal Lambert |
| 2019-05-07 ⋅ Symantec ⋅ Buckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak DoublePulsar |
| 2019 ⋅ MITRE ⋅ Group description: Equation Equation Group |
| 2019 ⋅ Council on Foreign Relations ⋅ Equation Group Equation Group |
| 2018-12-13 ⋅ Trend Micro ⋅ Tildeb: An Implant from the Shadow Brokers’ Leak tildeb |
| 2018-06-15 ⋅ Youtube (defconswitzerland) ⋅ Area41 Keynote Lambert Regin |
| 2018-02-06 ⋅ Forcepoint ⋅ DanderSpritz/PeddleCheap traffic analysis (Part 1 of 2) PeddleCheap |
| 2017-11-13 ⋅ Obscurity Labs ⋅ Match Made In The Shadows: Part [3] PeddleCheap |
| 2017-04-10 ⋅ Symantec ⋅ Longhorn: Tools used by cyberespionage group linked to Vault 7 Lambert Longhorn |
| 2017-04-10 ⋅ Symantec ⋅ Longhorn: Tools used by cyberespionage group linked to Vault 7 Lambert Longhorn |
| 2017-03-30 ⋅ EquationDrug rootkit analysis (mstcp32.sys) EquationDrug |
| 2017-03-07 ⋅ Wikileaks ⋅ Vault 7: CIA Hacking Tools Revealed Unidentified 020 (Vault7) |
| 2016-11-04 ⋅ Antiy CERT ⋅ FROM EQUATION TO EQUATIONS DoubleFantasy |
| 2016-10-05 ⋅ The Shadow Brokers auctions cyber weapons from Equation Group Equation Group |
| 2015-03-11 ⋅ Kaspersky Labs ⋅ Inside the EquationDrug Espionage Platform EquationDrug |
| 2015-02-16 ⋅ Kaspersky Labs ⋅ Equation: The Death Star of Malware Galaxy DoubleFantasy EquationDrug Fanny GROK |
| 2015-02-16 ⋅ Kaspersky Labs ⋅ Equation: The Death Star of Malware Galaxy Fanny |
| 2015-02-16 ⋅ Ars Technica ⋅ How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last Equation Group |
| 2015-02 ⋅ Kaspersky Labs ⋅ Equation Group: Questions and Answers Equation Group |
| 2014-04-17 ⋅ Nettitude Labs ⋅ A quick analysis of the latest Shadow Brokers dump DarkPulsar |
| 2010-09 ⋅ Wikipedia ⋅ Stuxnet Equation Group |