Inception Framework

πŸ”΄ High
Also known as: Clean Ursa, Cloud Atlas, OXYGEN, G0100, ATK116, Blue Odin, Inception Framework

This threat actor uses spear-phishing techniques to target private-sector energy, defense, aerospace, research, and media organizations and embassies in Africa, Europe, and the Middle East, for the purpose of espionage.

🌍 Country Russia
⚑ Risk Level High
🎯 Incident Type Espionage
Government Private sector

Targeted Victims

Afghanistan Armenia Azerbaijan Belarus Belgium Czech Republic Greece India Iran Italy Kazakhstan Kenya Malaysia Russia South Africa Suriname Turkmenistan Ukraine United Kingdom United States Vietnam

Introduction

This threat actor uses spear-phishing techniques to target private-sector energy, defense, aerospace, research, and media organizations and embassies in Africa, Europe, and the Middle East, for the purpose of espionage.

Activities and Tactics

Targeted Sectors: Government, Private sector

Country of Origin: πŸ‡·πŸ‡Ί Russia

Risk Level: High

Incident Type: Espionage

Suspected Victims: Afghanistan, Armenia, Azerbaijan, Belarus, Belgium, Czech Republic, Greece, India, Iran, Italy…

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • SPACESHIP

Attribution and Evidence

Country of Origin: Russia Additional attribution information pending cataloguing.

References

References pending cataloguing.