Berserk Bear
Berserk Bear (aka Crouching Yeti, Dragonfly 2.0, DYMALLOY, Energetic Bear, Havex, IRON LIBERTY, or TeamSpy)[1][2][3] is a malevolent Russian threat actor.[4]
Activities
Berserk Bear specializes in compromising utilities infrastructure, especially that belonging to companies responsible for water or energy distribution.[4][5] It has performed these activities in at least Germany and the U.S.[5]
Berserk Bear has also targeted many state, local, and tribal government and aviation networks in the U.S., and as of October 1, 2020, had exfiltrated data from at least two victim servers.[2] In particular, Berserk Bear is believed to have infiltrated the computer network of the city of Austin, Texas, during 2020.[6][7]
See also
- 2020 United States federal government data breach - in which Berserk Bear likely has been involved.[6]
- Cozy Bear
- Fancy Bear
References
- "Dragonfly 2.0, IRON LIBERTY, DYMALLOY, Berserk Bear, Group G0074 | MITRE ATT&CK®". attack.mitre.org.
- "Russian state hackers stole data from US government networks". BleepingComputer.
- Goodin, Dan (December 7, 2020). "NSA says Russian state hackers are using a VMware flaw to ransack networks". Ars Technica.
- "The Russian Hackers Playing 'Chekhov's Gun' With US Infrastructure" – via www.wired.com.
- "German intelligence agencies warn of Russian hacking threats to critical infrastructure". CyberScoop. May 26, 2020.
- Hvistendahl, Mara HvistendahlMicah LeeJordan SmithMara; Lee, Micah; SmithDecember 17, 2020, Jordan; P.m, 9:00. "Russian Hackers Have Been Inside Austin City Network for Months". The Intercept.CS1 maint: numeric names: authors list (link)
- "Austin officials quiet on reports that city network hacked". www.msn.com.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.