SYMBOLCOMMON_NAMEaka. SYNONYMS

TEMP.Veles  (Back to overview)

aka: Xenotime

TEMP.Veles is a Russia-based threat group that has targeted critical infrastructure. The group has been observed utilizing TRITON, a malware framework designed to manipulate industrial safety systems.


Associated Families

There are currently no families associated with this actor.


References
2019MITREMITRE ATT&CK
@online{attck:2019:tempveles:c62b7f7, author = {MITRE ATT&CK}, title = {{Group description: TEMP.Veles}}, date = {2019}, organization = {MITRE}, url = {https://attack.mitre.org/groups/G0088/}, language = {English}, urldate = {2019-12-20} } Group description: TEMP.Veles
TEMP.Veles
2017-12-14FireEyeBlake Johnson, Dan Caban, Marina Krotofil, Dan Scali, Nathan Brubaker, Christopher Glyer
@online{johnson:20171214:attackers:6b0be76, author = {Blake Johnson and Dan Caban and Marina Krotofil and Dan Scali and Nathan Brubaker and Christopher Glyer}, title = {{Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure}}, date = {2017-12-14}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html}, language = {English}, urldate = {2019-12-20} } Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure
Triton TEMP.Veles
2017-12DragosRobert M. Lee
@online{lee:201712:trisis:978f131, author = {Robert M. Lee}, title = {{TRISIS: Analyzing Safety System Targeting Malware}}, date = {2017-12}, organization = {Dragos}, url = {https://dragos.com/resource/trisis-analyzing-safety-system-targeting-malware/}, language = {English}, urldate = {2019-12-17} } TRISIS: Analyzing Safety System Targeting Malware
TEMP.Veles

Credits: MISP Project