SYMBOLCOMMON_NAMEaka. SYNONYMS

TEMP.Veles  (Back to overview)

aka: Xenotime, G0088, ATK91

TEMP.Veles is a Russia-based threat group that has targeted critical infrastructure. The group has been observed utilizing TRITON, a malware framework designed to manipulate industrial safety systems.

Associated Families

There are currently no families associated with this actor.

References
2022-03-04ThalesThales
@online{thales:20220304:atk91:9da1ab0, author = {Thales}, title = {{ATK91}}, date = {2022-03-04}, organization = {Thales}, url = {https://cyberthreat.thalesgroup.com/attackers/ATK91}, language = {English}, urldate = {2022-10-06} } ATK91
TEMP.Veles
2019MITREMITRE ATT&CK
@online{attck:2019:tempveles:c62b7f7, author = {MITRE ATT&CK}, title = {{Group description: TEMP.Veles}}, date = {2019}, organization = {MITRE}, url = {https://attack.mitre.org/groups/G0088/}, language = {English}, urldate = {2019-12-20} } Group description: TEMP.Veles
TEMP.Veles
2017-12-14FireEyeBlake Johnson, Dan Caban, Marina Krotofil, Dan Scali, Nathan Brubaker, Christopher Glyer
@online{johnson:20171214:attackers:6b0be76, author = {Blake Johnson and Dan Caban and Marina Krotofil and Dan Scali and Nathan Brubaker and Christopher Glyer}, title = {{Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure}}, date = {2017-12-14}, organization = {FireEye}, url = {https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html}, language = {English}, urldate = {2019-12-20} } Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure
Triton TEMP.Veles
2017-12DragosRobert M. Lee
@online{lee:201712:trisis:978f131, author = {Robert M. Lee}, title = {{TRISIS: Analyzing Safety System Targeting Malware}}, date = {2017-12}, organization = {Dragos}, url = {https://dragos.com/resource/trisis-analyzing-safety-system-targeting-malware/}, language = {English}, urldate = {2019-12-17} } TRISIS: Analyzing Safety System Targeting Malware
TEMP.Veles
2017DragosDragos
@online{dragos:2017:xenotime:2f1bfdf, author = {Dragos}, title = {{XENOTIME}}, date = {2017}, organization = {Dragos}, url = {https://www.dragos.com/threat/xenotime/}, language = {English}, urldate = {2022-10-06} } XENOTIME
TEMP.Veles
Credits: MISP Project