Phosphorus is an advanced persistent threat (APT) that has been active since at least 2013, and it targets organizations in various industries such as finance, energy, defense, government agencies, telecommunications companies, media outlets, and universities. The group uses a variety of tactics to gain access to its target networks, including spear-phishing emails, watering hole attacks, and exploiting vulnerabilities in software or systems. Once inside the network, Phosphorus can steal sensitive information such as financial data, intellectual property, and confidential documents. The group has also been known to use malware like BlackEnergy3, a tool that allows it to remotely control industrial control systems (ICS) in order to cause physical damage or disrupt operations. The group has ties with the Russian government, but it's not clear whether it is directly affiliated with any particular agency.
Techniques, tactics and practices:
Phosphorus uses a variety of tactics to gain access to its target networks, including spear-phishing emails, watering hole attacks, and exploiting vulnerabilities in software or systems. Once inside the network, the group can steal sensitive information such as financial data, intellectual property, and confidential documents. It has also been known to use malware like BlackEnergy3, a tool that allows it to remotely control industrial control systems (ICS) in order to cause physical damage or disrupt operations.