← threatfilter.dev / all groups / DarkVishnya
DarkVishnya
Overview
DarkVishnya is a financially motivated threat actor targeting financial institutions in Eastern Europe. In 2017-2018 the group attacked at least 8 banks in this region.
TTPs — 10 techniques across 7 tactics
Resource Development
-
T1588.002Tool
Initial Access
-
T1200Hardware Additions
Execution
-
T1059.001PowerShell
Persistence
-
T1543.003Windows Service
Credential Access
-
T1040Network Sniffing -
T1110Brute Force
Discovery
-
T1046Network Service Discovery -
T1135Network Share Discovery
Command and Control
-
T1219Remote Access Tools -
T1571Non-Standard Port
Tools & malware (2)
Winexe · PsExec