SYMBOLCOMMON_NAMEaka. SYNONYMS

LYCEUM  (Back to overview)

aka: COBALT LYCEUM, HEXANE, Spirlin, siamesekitten


Associated Families
win.lyceum_dns_backdoor_dotnet win.lyceum_http_backdoor_dotnet win.lyceum_http_backdoor_golang

References
2022-03-31Check Point Research
@online{research:20220331:statesponsored:d8ce198, author = {Check Point Research}, title = {{State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage}}, date = {2022-03-31}, url = {https://research.checkpoint.com/2022/state-sponsored-attack-groups-capitalise-on-russia-ukraine-war-for-cyber-espionage/}, language = {English}, urldate = {2022-04-05} } State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage
Loki RAT El Machete APT Backdoor Dropper Lyceum .NET DNS Backdoor Lyceum .NET TCP Backdoor Lyceum Golang HTTP Backdoor
2021-11-09PrevailionPrevailion, Accenture Cyber Threat Intelligence
@online{prevailion:20211109:who:f88228a, author = {Prevailion and Accenture Cyber Threat Intelligence}, title = {{Who are latest targets of cyber group Lyceum?}}, date = {2021-11-09}, organization = {Prevailion}, url = {https://www.prevailion.com/latest-targets-of-cyber-group-lyceum/}, language = {English}, urldate = {2021-11-09} } Who are latest targets of cyber group Lyceum?
Milan Shark LYCEUM
2021-10-07KasperskyAseel Kayal, Mark Lechtik, Paul Rascagnères
@techreport{kayal:20211007:lyceum:395a41f, author = {Aseel Kayal and Mark Lechtik and Paul Rascagnères}, title = {{LYCEUM Reborn: Counterintelligence in the Middle East}}, date = {2021-10-07}, institution = {Kaspersky}, url = {https://vblocalhost.com/uploads/VB2021-Kayal-etal.pdf}, language = {English}, urldate = {2021-10-25} } LYCEUM Reborn: Counterintelligence in the Middle East
danbot LYCEUM
2021-08-17ClearSkyClearSky Research Team
@online{team:20210817:new:b1c0eb5, author = {ClearSky Research Team}, title = {{New Iranian Espionage Campaign By “Siamesekitten” – Lyceum}}, date = {2021-08-17}, organization = {ClearSky}, url = {https://www.clearskysec.com/siamesekitten/}, language = {English}, urldate = {2022-02-17} } New Iranian Espionage Campaign By “Siamesekitten” – Lyceum
LYCEUM
2020SecureworksSecureWorks
@online{secureworks:2020:cobalt:1a61198, author = {SecureWorks}, title = {{COBALT LYCEUM}}, date = {2020}, organization = {Secureworks}, url = {https://www.secureworks.com/research/threat-profiles/cobalt-lyceum}, language = {English}, urldate = {2020-05-23} } COBALT LYCEUM
danbot RGDoor LYCEUM
2019-08-27SecureworksCTU Research Team
@online{team:20190827:lyceum:afc3b25, author = {CTU Research Team}, title = {{LYCEUM Takes Center Stage in Middle East Campaign}}, date = {2019-08-27}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/lyceum-takes-center-stage-in-middle-east-campaign}, language = {English}, urldate = {2020-01-06} } LYCEUM Takes Center Stage in Middle East Campaign
LYCEUM

Credits: MISP Project