SYMBOLCOMMON_NAMEaka. SYNONYMS

Nitro  (Back to overview)

aka: Covert Grove

These attackers were the subject of an extensive report by Symantec in 2011, which termed the attackers Nitro and stated: 'The goal of the attackers appears to be to collect intellectual property such as design documents, formulas, and manufacturing processes. In addition, the same attackers appear to have a lengthy operation history including attacks on other industries and organizations. Attacks on the chemical industry are merely their latest attack wave. As part of our investigations, we were also able to identify and contact one of the attackers to try and gain insights into the motivations behind these attacks.' Palo Alto Networks reported on continued activity by the attackers in 2014.


Associated Families

There are currently no families associated with this actor.


References
2014-10-03Palo Alto Networks Unit 42Jen Miller-Osborn
@online{millerosborn:20141003:new:44982b6, author = {Jen Miller-Osborn}, title = {{New Indicators of Compromise for APT Group Nitro Uncovered}}, date = {2014-10-03}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/new-indicators-compromise-apt-group-nitro-uncovered/}, language = {English}, urldate = {2020-01-08} } New Indicators of Compromise for APT Group Nitro Uncovered
Nitro
2011-10-31Trend MicroNart Villeneuve
@online{villeneuve:20111031:significance:4039c39, author = {Nart Villeneuve}, title = {{The Significance of the "Nitro" Attacks}}, date = {2011-10-31}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/the-significance-of-the-nitro-attacks/}, language = {English}, urldate = {2020-01-08} } The Significance of the "Nitro" Attacks
Nitro
2011SymantecEric Chien, Gavin O'Gorman
@techreport{chien:2011:nitro:76c8338, author = {Eric Chien and Gavin O'Gorman}, title = {{The Nitro Attacks}}, date = {2011}, institution = {Symantec}, url = {http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_nitro_attacks.pdf}, language = {English}, urldate = {2020-01-13} } The Nitro Attacks
Nitro
2011SymantecErica Eng, Gavin O'Gorman
@techreport{eng:2011:nitro:656e464, author = {Erica Eng and Gavin O'Gorman}, title = {{The Nitro Attacks: Stealing Secrets from the Chemical Industry}}, date = {2011}, institution = {Symantec}, url = {https://paper.seebug.org/papers/APT/APT_CyberCriminal_Campagin/2011/the_nitro_attacks.pdf}, language = {English}, urldate = {2020-04-21} } The Nitro Attacks: Stealing Secrets from the Chemical Industry
Poison Ivy Nitro

Credits: MISP Project