Cyber Resilience

Campaign · all campaigns

FrankensteinC0001 unknown

aka Frankenstein

Last updated: 2026-07-03

0attributed CVEs
39ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[Frankenstein](https://attack.mitre.org/campaigns/C0001) was described by security researchers as a highly-targeted campaign conducted by moderately sophisticated and highly resourceful threat actors in early 2019. The unidentified actors primarily relied on open source tools, including [Empire](https://attack.mitre.org/software/S0363). The campaign name refers to the actors' ability to piece together several unrelated open-source tool components.(Citation: Talos Frankenstein June 2019)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-426 / 3967%
CM-623 / 3959%
CM-222 / 3956%
SI-321 / 3954%
CM-716 / 3941%
CA-715 / 3938%
SI-713 / 3933%
SC-712 / 3931%
AC-311 / 3928%
AC-411 / 3928%
AC-611 / 3928%
AC-210 / 3926%
CM-810 / 3926%
RA-510 / 3926%
SI-1010 / 3926%

Co-occurring actors

None.

Similar actors

Similar TTPs