THREAT ACTOR: Nobelium hacking group
Nobelium is the hacking division of the Russian Foreign Intelligence Service (SVR), commonly known as APT29, The Dukes, or Cozy Bear. The Russian state hackers have been observed using the FoggyWeb backdoor in the wild since April 2021.
Incidents Associated with this Threat
- December 12, 2020: Major Supply Chain Breach Involving the SolarWinds Orion System.
Malware Used by this Threat Actor
No malware identified for this threat actor.