Adversaries abusing ICS (based on Dragos Inc adversary list). This threat actor targets organizations involved in oil, gas, and electricity production, primarily in the Gulf region, for espionage purposes. According to one cybersecurity company, the threat actor “compromises a target machine and passes it off to another threat actor for further exploitation.”
Also known as
OilRig, Greenbug, Hazel Sandstorm, EUROPIUM, Cobalt Gypsy, APT34, HELIX KITTEN, Crambus.
References
Actor metadata imported from Malpedia (Fraunhofer FKIE).