SYMBOLCOMMON_NAMEaka. SYNONYMS

NEODYMIUM  (Back to overview)

aka: G0055

NEODYMIUM is an activity group that is known to use a backdoor malware detected by Microsoft as Wingbird. This backdoor’s characteristics closely match FinFisher, a government-grade commercial surveillance package. Data about Wingbird activity indicate that it is typically used to attack individual computers instead of networks.


Associated Families

There are currently no families associated with this actor.


References
2019-01-01MITREMITRE ATT&CK
Group description: NEODYMIUM
NEODYMIUM PROMETHIUM
2016-12-14MicrosoftMicrosoft Defender ATP Research Team
Twin zero-day attacks: PROMETHIUM and NEODYMIUM target individuals in Europe
NEODYMIUM

Credits: MISP Project