APT28
Also known as: Fancy Bear, Sofacy, Pawn Storm, Forest Blizzard
Overview
Russian GRU Unit 26165. Targets NATO governments, military, and media. Known for hack-and-leak operations and zero-day exploitation. Active in disinformation campaigns.
MITRE ATT&CK Coverage
Recon
Res Dev
Init Access
Execution
Persistence
Priv Esc
Def Evasion
Cred Access
Discovery
Lat Move
Collection
C2
Exfil
Impact
2 of 14 tactics observed
Raw TTPs
Zero-Day ExploitationCredential HarvestingVPN ExploitationHack-and-LeakWatering Hole Attacks
Related Intelligence (0)
No articles currently linked to this actor.