| SYMBOL | COMMON_NAME | aka. SYNONYMS |
A group targeting UA state organizations using the GraphSteel and GrimPlant malware.
| 2023-06-14
⋅
Microsoft
⋅
Cadet Blizzard emerges as a novel and distinct Russian threat actor p0wnyshell reGeorg WhisperGate DEV-0586 SaintBear |
| 2023-05-16
⋅
Secureworks
⋅
The Growing Threat from Infostealers Graphiron GraphSteel Raccoon RedLine Stealer Rhadamanthys Taurus Stealer Vidar |
| 2023-04-12
⋅
circleid
⋅
Probing Lorec53 Phishing through the DNS Microscope SaintBear |
| 2023-02-16
⋅
Google
⋅
Fog of war: how the Ukraine conflict transformed the cyber threat landscape APT28 Ghostwriter SaintBear Sandworm Turla |
| 2023-02-08
⋅
Broadcom
⋅
Graphiron: New Russian Information Stealing Malware Deployed Against Ukraine Graphiron SaintBear |
| 2022-07-18
⋅
Palo Alto Networks Unit 42
⋅
Nascent Ursa Saint Bot SaintBear |
| 2022-06-09
⋅
MITRE
⋅
MITRE actor profile for Ember Bear SaintBear |
| 2022-04-07
⋅
Malpedia
⋅
Malpedia Page for GraphSteel GraphSteel SaintBear |
| 2022-04-04
⋅
Intezer
⋅
Elephant Framework Delivered in Phishing Attacks Against Ukrainian Organizations GraphSteel GrimPlant SaintBear |
| 2022-04-01
⋅
Malwarebytes
⋅
New UAC-0056 activity: There’s a Go Elephant in the room GrimPlant SaintBear |
| 2022-03-30
⋅
CrowdStrike
⋅
Who is EMBER BEAR? SaintBear |
| 2022-03-28
⋅
⋅
Cert-UA
⋅
UAC-0056 cyberattack on Ukrainian state authorities using GraphSteel and GrimPlant malware (CERT-UA#4293) GraphSteel GrimPlant SaintBear |
| 2022-03-15
⋅
SentinelOne
⋅
Threat Actor UAC-0056 Targeting Ukraine with Fake Translation Software Cobalt Strike GraphSteel GrimPlant SaintBear |
| 2021-11-23
⋅
NSFOCUS
⋅
2021 Analysis Report on Lorec53 Group SaintBear |