Mandiant observed this group operating since December 2019. Its techniques partially overlap with multiple Russian-based espionage actors (APT28 and APT29). They are described as having a high level of operational security, low malware footprint, adept evasive skills, and a large Internet of Things (IoT) device botnet at their disposal.
There are currently no families associated with this actor.
|2022-05-02 ⋅ Mandiant ⋅ |
UNC3524: Eye Spy on Your Email