Inception

Also known as: Cloud Atlas, Inception, Inception Framework, Clean Ursa, OXYGEN, G0100, ATK116, Blue Odin

Inception is a cyber espionage group active since at least 2014. The group has targeted multiple industries and governmental entities primarily in Russia, but has also been active in the United States and throughout Europe, Asia, Africa, and the Middle East. (Unit 42 Inception November 2018; Symantec Inception Framework March 2018; Kaspersky Cloud Atlas December 2014)

🌍 Country: Russia
📅 Activity: 2015–2015
🎯 Incident Type: Espionage
🧭 ATT&CK: G0100
Sectors: Government, Private sector

Activities and Tactics

Targeted Sectors: Government, Private sector

Country of Origin: 🇷🇺 Russia

First Seen: 2015

Last Activity: 2015

Incident Type: Espionage

Suspected Victims: Afghanistan, Armenia, Azerbaijan, Belarus, Belgium, Czech Republic, Greece, India, Iran, Italy…

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No atomic indicators are listed in this profile. The APTnotes snapshot indexes 1 public report that may contain IOCs; see Source Attribution for dataset links.

Malware and Tools

  • CloudDuke
  • CyberGate
  • Cyber Eye RAT
  • UNITEDRAKE

Attribution and Evidence

Country of Origin: Russia

Additional attribution information pending cataloguing.

References

[1] MITRE ATT&CK entry
[2] Unit 42 Inception November 2018
[3] Symantec Inception Framework March 2018
[4] Kaspersky Cloud Atlas December 2014