
AA24-249A: Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure

Low
Unknown
Tags: tlp:white, type:osint, osint:lifetime="perpetual", osint:certainty="50", tlp:clear, misp-galaxy:country="russia", misp-galaxy:intelligence-agency="gru (russian federation)"
Published: Fri Sep 06 2024 (09/06/2024, 00:00:00 UTC)
Source: CIRCL OSINT Feed
Vendor/Project: tlp
Product: white

Description

AA24-249A: Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure

AI-Powered Analysis

Last updated: 06/27/2025, 11:37:06 UTC

Technical Analysis

This threat intelligence report details ongoing cyber operations attributed to Russian military cyber actors, specifically linked to the GRU (Russian Federation). These actors are targeting critical infrastructure sectors in the United States and globally, including Europe. The campaign involves a range of sophisticated attack patterns as indicated by numerous referenced STIX 2.1 attack pattern identifiers, which typically encompass tactics such as initial access, credential access, lateral movement, command and control, and impact techniques. Although the specific vulnerabilities or exploits used are not detailed, the focus on critical infrastructure suggests targeting of industrial control systems (ICS), operational technology (OT), and key network assets that support essential services. The threat is characterized by persistent and strategic cyber espionage and potential disruption activities aimed at undermining critical services. The lack of patch availability and known exploits in the wild indicates that the threat may rely on custom tools, zero-day exploits, or complex intrusion methods rather than widely known vulnerabilities. The severity is currently assessed as low by the source, but this may reflect the current observed impact rather than the potential risk. The threat actors’ use of multiple attack patterns and targeting of critical infrastructure highlights the potential for significant operational disruption, data exfiltration, or sabotage if successful. The intelligence certainty is moderate (50%), indicating some confidence in attribution and activity but with incomplete details. Overall, this represents a strategic cyber threat from a nation-state actor with significant capabilities and intent to impact critical infrastructure globally, including European organizations.

Potential Impact

For European organizations, particularly those operating critical infrastructure such as energy grids, transportation networks, telecommunications, and water treatment facilities, this threat poses a significant risk. Successful intrusions could lead to operational disruptions, data breaches, loss of service availability, and potential physical damage to infrastructure components. The geopolitical context of Russian cyber operations increases the likelihood of targeted attacks against European countries aligned with U.S. and NATO interests. Disruption or espionage in critical infrastructure could have cascading effects on national security, economic stability, and public safety. Additionally, the complexity and persistence of these actors mean that detection and remediation may be challenging, increasing the potential duration and impact of an incident. Even though the current severity is rated low, the strategic targeting and potential for escalation mean European organizations should treat this threat seriously and prioritize defensive measures.

Mitigation Recommendations

European organizations should implement a multi-layered defense strategy tailored to critical infrastructure environments. Specific recommendations include:

1) Conducting comprehensive threat hunting and network monitoring focused on detecting tactics, techniques, and procedures (TTPs) associated with Russian military cyber actors, leveraging threat intelligence feeds and STIX indicators where available.
2) Enhancing segmentation between IT and OT networks to limit lateral movement opportunities.
3) Applying strict access controls and multi-factor authentication (MFA) for all remote and privileged access, especially for critical systems.
4) Implementing anomaly detection systems capable of identifying unusual network traffic or command and control communications.
5) Regularly updating and patching all systems where possible, and employing virtual patching or compensating controls when patches are unavailable.
6) Conducting regular incident response exercises simulating nation-state attacks to improve readiness.
7) Collaborating with national cybersecurity agencies and sharing intelligence within sector-specific Information Sharing and Analysis Centers (ISACs).
8) Reviewing and hardening supply chain security to prevent compromise via third-party vendors.

These measures go beyond generic advice by focusing on the specific threat actor’s known behaviors and the critical infrastructure context.


Technical Details

Uuid
d67bfbe0-e01d-4e2e-8a56-214805d85aee
Original Timestamp
1725608935

Indicators of Compromise


Url

https://cdn.discordapp.com/attachments/945968593030496269/945970446149509130/Client.exe
https://cdn.discordapp.com/attachments/888408190625128461/895633952247799858/n.lashevychdirekcy.atom.gov.ua.zip
dns.test658324901domain.me
https://nssm.cc
https://3proxy.ru
https://cdn.discordapp.com/attachments/928503440139771947/930108637681184768/Tbopbh.jpg


Domain

interlinks.top
3237.site
smm2021.net
nssm.cc
3proxy.ru

File

Ofewufeiy.dll
de1f9d1f0336ddcff832ad3900acd2f1
de1f9d1f0336ddcff832ad3900acd2f1_reversed_974e7c0b3660fbf18f29eac059f85ac0
Frkmlkdkdubkznbkmcf.dll
Tbopbh.jpg
stage2.exe
Tbopbh.exe
stage2.exe; Tbopbh.exe
stage1.exe
AA24-249A-Russian-Military-Cyber-Actors-Target-US-and-Global-Critical-Infrastructure.stix_.json
aa24-249a-russian-military-cyber-actors-target-us-and-global-critical-infrastructure.pdf

Size in-bytes

438272
1772032
280064
280064

Text

2.1
Russian Military Cyber Actors Target US and Global Critical Infrastructure
Alert
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020. GRU Unit 29155 cyber actors began deploying the destructive WhisperGate malware against multiple Ukrainian victim organizations as early as January 13, 2022. These cyber actors are separate from other known and more established GRU-affiliated cyber groups, such as Unit 26165 and Unit 74455.

Link

https://www.cisa.gov/sites/default/files/2024-09/aa24-249a-russian-military-cyber-actors-target-us-and-global-critical-infrastructure.pdf
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a

Threat ID: 68367c04182aa0cae230feac

Added to database: 5/28/2025, 2:59:16 AM

Last enriched: 6/27/2025, 11:37:06 AM

Last updated: 8/18/2025, 7:46:35 AM
