SYMBOLCOMMON_NAMEaka. SYNONYMS

TAG-53  (Back to overview)


A Russia-linked threat actor tracked as TAG-53 is running phishing campaigns impersonating various defense, aerospace, and logistic companies, according to The Record by Recorded Future. Recorded Future’s Insikt Group identified overlaps with a threat actor tracked by other companies as Callisto Group, COLDRIVER, and SEABORGIUM.

Associated Families

There are currently no families associated with this actor.

References
2022-12-07KnowBe4Stu Sjouwerman
@online{sjouwerman:20221207:russian:0c12175, author = {Stu Sjouwerman}, title = {{Russian Threat Actor Impersonates Aerospace and Defense Companies}}, date = {2022-12-07}, organization = {KnowBe4}, url = {https://blog.knowbe4.com/russian-threat-actor-impersonates-aerospace-and-defense-companies}, language = {English}, urldate = {2023-01-03} } Russian Threat Actor Impersonates Aerospace and Defense Companies
TAG-53
2022-12-05Recorded FutureInsikt Group
@techreport{group:20221205:exposing:b80717f, author = {Insikt Group}, title = {{Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations}}, date = {2022-12-05}, institution = {Recorded Future}, url = {https://go.recordedfuture.com/hubfs/reports/cta-2022-1205.pdf}, language = {English}, urldate = {2023-01-03} } Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations
TAG-53
2022-12-05Recorded FutureInsikt Group
@online{group:20221205:exposing:4181968, author = {Insikt Group}, title = {{Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations}}, date = {2022-12-05}, organization = {Recorded Future}, url = {https://www.recordedfuture.com/exposing-tag-53-credential-harvesting-infrastructure-for-russia-aligned-espionage-operations?utm_campaign=PostBeyond&utm_source=Twitter&utm_medium=359877&utm_term=Exposing+TAG-53%E2%80%99s+Credential+Harvesting+Infrastructure+Used+for+Russia-Aligned+Espionage+Operations}, language = {English}, urldate = {2023-01-03} } Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations
TAG-53
Credits: MISP Project