← threatfilter.dev / all groups / Poseidon Group
Poseidon Group
Overview
Poseidon Group is a Portuguese-speaking threat group that has been active since at least 2005. The group has a history of using information exfiltrated from victims to blackmail victim companies into contracting the Poseidon Group as a security firm.
TTPs — 8 techniques across 4 tactics
Execution
-
T1059.001PowerShell
Stealth
Credential Access
-
T1003OS Credential Dumping
Discovery
-
T1007System Service Discovery -
T1049System Network Connections Discovery -
T1057Process Discovery -
T1087.001Local Account -
T1087.002Domain Account
Reporting (1)
- Poseidon Group: a Targeted Attack Boutique specializing in global cyber-espionage — Kaspersky Lab's Global Research and Analysis Team