SYMBOLCOMMON_NAMEaka. SYNONYMS

Void Blizzard  (Back to overview)

aka: LAUNDRY BEAR

Void Blizzard’s cyberespionage operations tend to be highly targeted at specific organizations of interest to the Russian government, including in government, defense, transportation, media, non-governmental organizations (NGOs), and healthcare sectors primarily in Europe and North America. The threat actor uses stolen credentials—which are likely procured from commodity infostealer ecosystems—and collects a high volume of email and files from compromised organizations.


Associated Families

There are currently no families associated with this actor.


References
2025-05-27MicrosoftMicrosoft Threat Intelligence
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
Void Blizzard
2025-05-27AIVDAIVD
Unknown Russian group behind hacks Dutch targets
Void Blizzard

Credits: MISP Project