New Insights into Energetic Bear's Cyber Attacks on Turkish Critical Infrastructure | RiskIQ
Tags
| country: | Turkey Russia |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Direct Credentials - T1589.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Whois - T1596.002 |
Common Information
| Type | Value |
|---|---|
| UUID | d1c79ae5-e2e0-4c06-9e83-3806ceb41f3c |
| Fingerprint | e3148d191413cd1f |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 2, 2017, midnight |
| Added to db | Sept. 26, 2022, 9:33 a.m. |
| Last updated | Sept. 4, 2024, 2:21 a.m. |
| Headline | UNKNOWN |
| Title | New Insights into Energetic Bear's Cyber Attacks on Turkish Critical Infrastructure | RiskIQ |
| Detected Hints/Tags/Attributes | 57/3/11 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.riskiq.com/blog/labs/energetic-bear/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | turcas.com.tr |
|
| Details | Domain | 1 | plantengineering.com |
|
| Details | Domain | 1 | cfemedia.com |
|
| Details | Domain | 1 | controleng.com |
|
| Details | Domain | 1 | csemag.com |
|
| Details | 1 | srourke@cfemedia.com |
||
| Details | File | 1 | turcas_icon.png |
|
| Details | File | 1 | _icon.png |
|
| Details | File | 1 | easing.js |
|
| Details | IPv4 | 4 | 184.154.150.66 |
|
| Details | IPv4 | 1 | 103.41.177.58 |