Nomadic Octopus
Also known as: DustSquad
Overview
Nomadic Octopus is a Russian-speaking cyber espionage threat group that has primarily targeted Central Asia, including local governments, diplomatic missions, and individuals, since at least 2014. Nomadic Octopus has been observed conducting campaigns involving Android and Windows malware, mainly using the Delphi programming language, and building custom variants.
TTPs — 7 techniques across 4 tactics
Initial Access
- T1566.001 Spearphishing Attachment
Execution
- T1059.001 PowerShell
- T1059.003 Windows Command Shell
- T1204.002 Malicious File
Stealth
- T1036 Masquerading
- T1564.003 Hidden Window
Command and Control
- T1105 Ingress Tool Transfer
Tools & malware (1)
Octopus
Reporting (3)
- Russia-Linked Hackers Target Diplomatic Entities in Central Asia — Kovacs, E
- Russia-linked APT group DustSquad targets diplomatic entities in Central Asia — Paganini, P
- Octopus-infested seas of Central Asia — Kaspersky Lab's Global Research & Analysis Team