PROMETHIUM is an activity group that has been active since as early as 2012. The group primarily uses Truvasys, a first-stage malware that has been in circulation for several years. Truvasys has been involved in several attack campaigns, where it has masqueraded as one of several common computer utilities, including WinUtils, TrueCrypt, WinRAR, or SanDisk. In each of the campaigns, the Truvasys malware evolved with additional features, which shows a close relationship between the activity groups behind the campaigns and the developers of the malware.
2022-03-23
⋅
⋅
Qianxin
⋅
Analysis of Attack Activity of PROMETHIUM Disguised StrongPity |
2021-12-09
⋅
Minerva Labs
⋅
A new StrongPity variant hides behind Notepad++ installation StrongPity |
2021-11-30
⋅
⋅
Qianxin
⋅
Cyberspace's Magic Eye: PROMETHIUM Fakes attack activity analysis of NotePads and installation packages StrongPity |
2021-11-05
⋅
Blackberry
⋅
Hunter Becomes Hunted: Zebra2104 Hides a Herd of Malware Cobalt Strike DoppelDridex Mount Locker Phobos StrongPity |
2021-05-24
⋅
Anchored Narratives on Threat Intelligence and Geopolitics
⋅
Tracking StrongPity with Yara StrongPity |
2021-04-18
⋅
Anchored Narratives on Threat Intelligence and Geopolitics
⋅
Recover your files with StrongPity StrongPity |
2021-02-28
⋅
PWC UK
⋅
Cyber Threats 2020: A Year in Retrospect elf.wellmess FlowerPower PowGoop 8.t Dropper Agent.BTZ Agent Tesla Appleseed Ave Maria Bankshot BazarBackdoor BLINDINGCAN Chinoxy Conti Cotx RAT Crimson RAT DUSTMAN Emotet FriedEx FunnyDream Hakbit Mailto Maze METALJACK Nefilim Oblique RAT Pay2Key PlugX QakBot REvil Ryuk StoneDrill StrongPity SUNBURST SUPERNOVA TrickBot TurlaRPC Turla SilentMoon WastedLocker WellMess Winnti ZeroCleare APT10 APT23 APT27 APT31 APT41 BlackTech BRONZE EDGEWOOD Inception Framework MUSTANG PANDA Red Charon Red Nue Sea Turtle Tonto Team |
2021-02-01
⋅
Medium 0xthreatintel
⋅
Uncovering APT-C-41 (StrongPity) Backdoor StrongPity |
2020-12-31
⋅
cyble
⋅
StrongPity APT Extends Global Reach with New Infrastructure StrongPity |
2020-12-21
⋅
Cisco Talos
⋅
2020: The year in malware WolfRAT Prometei Poet RAT Agent Tesla Astaroth Ave Maria CRAT Emotet Gozi IndigoDrop JhoneRAT Nanocore RAT NjRAT Oblique RAT SmokeLoader StrongPity WastedLocker Zloader |
2020-10-30
⋅
⋅
360
⋅
Disclosure of the Blue Magic Eye (APT-C-41) Group's First Targeted Attack Activity Against Important Institutions in Our Country StrongPity |
2020-06-30
⋅
Bitdefender
⋅
StrongPity APT - Revealing Trojanized Tools, Working Hours and Infrastructure StrongPity |
2020-06-29
⋅
Cisco Talos
⋅
PROMETHIUM extends global reach with StrongPity3 APT StrongPity |
2019-01-01
⋅
MITRE
⋅
Group description: NEODYMIUM NEODYMIUM PROMETHIUM |
2019-01-01
⋅
MITRE
⋅
Group description: PROMETHIUM PROMETHIUM |
2018-03-09
⋅
Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads? StrongPity |
2017-12-08
⋅
ESET Research
⋅
StrongPity2 spyware replaces FinFisher in MitM campaign – ISP involved? StrongPity |
2016-12-14
⋅
Microsoft
⋅
Twin zero-day attacks: PROMETHIUM and NEODYMIUM target individuals in Europe PROMETHIUM |
2016-10-12
⋅
Twitter (@PhysicalDrive0)
⋅
Tweet on StrongPity StrongPity |
2016-10-06
⋅
Virus Bulletin
⋅
On the StrongPity Waterhole Attacks Targeting Italian and Belgian Encryption Users PROMETHIUM |
2016-10-03
⋅
Kaspersky Labs
⋅
On the StrongPity Waterhole Attacks Targeting Italian and Belgian Encryption Users StrongPity |