Nomadic Octopus | APT Profile

Description

[Nomadic Octopus](https://attack.mitre.org/groups/G0133) is a Russian-speaking cyber espionage threat group that has primarily targeted Central Asia, including local governments, diplomatic missions, and individuals, since at least 2014. [Nomadic Octopus](https://attack.mitre.org/groups/G0133) has been observed conducting campaigns involving Android and Windows malware, mainly using the Delphi programming language, and building custom variants.(Citation: Security Affairs DustSquad Oct 2018)(Citation: Securelist Octopus Oct 2018)(Citation: ESET Nomadic Octopus 2018)

Techniques Used (TTPs)

T1059.003 — Windows Command Shell (execution)
T1036 — Masquerading (defense-evasion)
T1566.001 — Spearphishing Attachment (initial-access)
T1204.002 — Malicious File (execution)
T1105 — Ingress Tool Transfer (command-and-control)
T1564.003 — Hidden Window (defense-evasion)
T1059.001 — PowerShell (execution)

Total TTPs: 7

Malware & Tools

Malware: Octopus

← Return to Home ← Back to APT Search