Nitro  (Back to overview)

aka: Covert Grove

These attackers were the subject of an extensive report by Symantec in 2011, which termed the attackers Nitro and stated: 'The goal of the attackers appears to be to collect intellectual property such as design documents, formulas, and manufacturing processes. In addition, the same attackers appear to have a lengthy operation history including attacks on other industries and organizations. Attacks on the chemical industry are merely their latest attack wave. As part of our investigations, we were also able to identify and contact one of the attackers to try and gain insights into the motivations behind these attacks.' Palo Alto Networks reported on continued activity by the attackers in 2014.

Associated Families

There are currently no families associated with this actor.

2014-10-03Palo Alto Networks Unit 42Jen Miller-Osborn
New Indicators of Compromise for APT Group Nitro Uncovered
2011-10-31Trend MicroNart Villeneuve
The Significance of the "Nitro" Attacks
2011-01-01SymantecErica Eng, Gavin O'Gorman
The Nitro Attacks: Stealing Secrets from the Chemical Industry
Poison Ivy Nitro
2011-01-01SymantecEric Chien, Gavin O'Gorman
The Nitro Attacks

Credits: MISP Project