DarkHydrus, LazyMeerkat

Description

DarkHydrus is a threat group that has targeted government agencies and educational institutions in the Middle East since at least 2016. The group heavily leverages open-source tools and custom payloads for carrying out attacks.

Some analysts track DarkHydrus; APT 19, Deep Panda, C0d0so0; and Turbine Panda, APT 26, Shell Crew, WebMasters, KungFu Kittens as the same group, but it is unclear from open-source information whether the groups are the same.

Names

Name | Name-Giver
DarkHydrus | Palo Alto
LazyMeerkat | Kaspersky
ATK 77 | Thales
Obscure Serpens | Palo Alto

Country

State-sponsored

Motivation

  • Information theft and espionage

First Seen

2016

Observed Sectors

Observed Countries

Tools

Operations

Information

Mitre Attack

Playbook

Other Information

Uuid

2849cc26-d6c8-4484-821e-cb0f7006bddc

Last Card Change

2024-03-10