Sowbug  (Back to overview)

Sowbug has been conducting highly targeted cyber attacks against organizations in South America and Southeast Asia and appears to be heavily focused on foreign policy institutions and diplomatic targets. Sowbug has been seen mounting classic espionage attacks by stealing documents from the organizations it infiltrates.

---

Associated Families

---

References

2019 ⋅ Council on Foreign Relations ⋅ Cyber Operations Tracker @online{tracker:2019:sowbug:8b617c4, author = {Cyber Operations Tracker}, title = {{Sowbug}}, date = {2019}, organization = {Council on Foreign Relations}, url = {https://www.cfr.org/interactive/cyber-operations/sowbug}, language = {English}, urldate = {2019-12-20} } Sowbug Sowbug

2019 ⋅ MITRE ⋅ MITRE ATT&CK @online{attck:2019:sowbug:1065fa1, author = {MITRE ATT&CK}, title = {{Group description: Sowbug}}, date = {2019}, organization = {MITRE}, url = {https://attack.mitre.org/groups/G0054/}, language = {English}, urldate = {2019-12-20} } Group description: Sowbug Sowbug

2017-11-07 ⋅ Symantec ⋅ Symantec Security Response @online{response:20171107:sowbug:7f0d6eb, author = {Symantec Security Response}, title = {{Sowbug: Cyber espionage group targets South American and Southeast Asian governments}}, date = {2017-11-07}, organization = {Symantec}, url = {https://www.symantec.com/connect/blogs/sowbug-cyber-espionage-group-targets-south-american-and-southeast-asian-governments}, language = {English}, urldate = {2019-12-17} } Sowbug: Cyber espionage group targets South American and Southeast Asian governments Felismus StarLoader Sowbug

---

Credits: MISP Project