Unnamed groups: Russia

Description

These are reported APT activities attributed to a country, but not to an individual threat group.

Names

Name	Name-Giver
[Unnamed groups: Russia]	?

Country

Russia

Motivation

Information theft and espionage
Financial gain
Sabotage and destruction

First Seen

2014

Observed Sectors

Financial

Observed Countries

Operations

2014: Yahoo hit with a Massive 500 Million Account Data Breach https://www.bleepingcomputer.com/news/business/yahoo-hit-with-a-massive-500-million-account-data-breach/
2018-06: Russian Attacks Against Singapore Spike During Trump-Kim Summit https://www.f5.com/labs/articles/threat-intelligence/russian-attacks-against-singapore-spike-during-trump-kim-summit
2022-06: Russian hackers may be behind Texas natural gas plant explosion: report https://americanmilitarynews.com/2022/06/russian-hackers-may-be-behind-texas-natural-gas-plant-explosion-report/
2022-10: Medibank cyber incident https://www.medibank.com.au/livebetter/newsroom/post/medibank-cyber-incident https://www.bankinfosecurity.com/medibank-hackers-dump-stolen-on-dark-web-a-20604
2024-07: Poland to probe Russia-linked cyberattack on state news agency https://therecord.media/poland-cyberattack-investigation-state-agency
2024-11: Seoul accuses pro-Kremlin hackers of attacking websites over decision to monitor North Korean troops in Ukraine https://therecord.media/seoul-accuses-pro-kremlin-hackers-of-attacking-websites-ukraine

Counter Operations

2017-03: US Charges Four Hackers in Yahoo 2014 Security Breach, Including Two FSB Agents https://www.bleepingcomputer.com/news/security/us-charges-four-hackers-in-yahoo-2014-security-breach-including-two-fsb-agents/
2022-03: Justice Department Announces Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate (GRU) https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-disruption-botnet-controlled-russian-federation
2022-06: Russian Botnet Disrupted in International Cyber Operation https://www.justice.gov/usao-sdca/pr/russian-botnet-disrupted-international-cyber-operation
2024-01: Australia, US, UK Sanction Russian Over 2022 Medibank Breach https://www.bankinfosecurity.com/australia-us-uk-sanction-russian-over-2022-medibank-breach-a-24163
2024-02: Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU) https://www.justice.gov/opa/pr/justice-department-conducts-court-authorized-disruption-botnet-controlled-russian
2024-02: Russia arrests three alleged SugarLocker ransomware members https://therecord.media/russia-arrests-sugarlocker-ransomware-members
2024-07: Justice Department Leads Efforts Among Federal, International, and Private Sector Partners to Disrupt Covert Russian Government-Operated Social Media Bot Farm https://www.justice.gov/opa/pr/justice-department-leads-efforts-among-federal-international-and-private-sector-partners
2024-09: Justice Department Disrupts Covert Russian Government-Sponsored Foreign Malign Influence Operation Targeting Audiences in the United States and Elsewhere https://www.justice.gov/opa/pr/justice-department-disrupts-covert-russian-government-sponsored-foreign-malign-influence
2024-11: Russia arrests cybercriminal Wazawaka for ties with ransomware gangs https://www.bleepingcomputer.com/news/security/russia-arrests-cybercriminal-wazawaka-for-ties-with-ransomware-gangs/
2024-12: Russia sentences Hydra dark web market leader to life in prison https://www.bleepingcomputer.com/news/security/russia-sentences-hydra-dark-web-market-leader-to-life-in-prison/
2024-12: Operation “Destabilise” Operation Destabilise: NCA disrupts $multi-billion Russian money laundering networks with links to, drugs, ransomware and espionage, resulting in 84 arrests https://www.nationalcrimeagency.gov.uk/news/operation-destabilise-nca-disrupts-multi-billion-russian-money-laundering-networks-with-links-to-drugs-ransomware-and-espionage-resulting-in-84-arrests https://therecord.media/operation-destabilise-money-laundering-investigation-uk-nca
2024-12: EU issues first-ever sanctions over ‘Russian hybrid threats’ https://therecord.media/eu-issues-sanctions-over-russia-hybrid-threats
2025-01: Treasury Sanctions Entities in Iran and Russia That Attempted to Interfere in the U.S. 2024 Election https://home.treasury.gov/news/press-releases/jy2766
2025-01: Three Russian-German Nationals Charged with Espionage for Russian Secret Service https://thehackernews.com/2025/01/three-russian-german-nationals-charged.html
2025-01: Cyber-attacks: three individuals added to EU sanctions list for malicious cyber activities against Estonia https://www.consilium.europa.eu/en/press/press-releases/2025/01/27/cyber-attacks-three-individuals-added-to-eu-sanctions-list-for-malicious-cyber-activities-against-estonia/
2025-05: Russian hybrid threats: EU lists further 21 individuals and 6 entities and introduces sectoral measures in response to destabilising activities against the EU, its member states and international partners https://www.consilium.europa.eu/en/press/press-releases/2025/05/20/russian-hybrid-threats-eu-lists-further-21-individuals-and-6-entities-and-introduces-sectoral-measures-in-response-to-destabilising-activities-against-the-eu-its-member-states-and-international-partners/

Information

Other Information

Uuid

d8af7e66-0392-4082-bdb9-f7157083d079

Last Card Change

2025-06-27

Threat Intelligence Garden

Explorer

Unnamed groups: Russia

Unnamed groups: Russia

Description

Names

Country

Motivation

First Seen

Observed Sectors

Observed Countries

Operations

Counter Operations

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks