0attributed CVEs
8ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
—years active
About this actor
[C0026](https://attack.mitre.org/campaigns/C0026) was a campaign identified in September 2022 that included the selective distribution of [KOPILUWAK](https://attack.mitre.org/software/S1075) and [QUIETCANARY](https://attack.mitre.org/software/S1076) malware to previous [ANDROMEDA](https://attack.mitre.org/software/S1074) malware victims in Ukraine through re-registered [ANDROMEDA](https://attack.mitre.org/software/S1074) C2 domains. Several tools and tactics used during [C0026](https://attack.mitre.org/campaigns/C0026) were consistent with historic [Turla](https://attack.mitre.org/groups/G0010) operations.(Citation: Mandiant Suspected Turla Campaign February 2023)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
SI-3 | 6 / 8 | 75% |
SI-4 | 6 / 8 | 75% |
SC-7 | 5 / 8 | 62% |
CM-2 | 4 / 8 | 50% |
AC-4 | 3 / 8 | 38% |
CA-7 | 3 / 8 | 38% |
CM-6 | 2 / 8 | 25% |
RA-5 | 2 / 8 | 25% |
AC-16 | 1 / 8 | 12% |
AC-2 | 1 / 8 | 12% |
AC-23 | 1 / 8 | 12% |
AC-3 | 1 / 8 | 12% |
AC-6 | 1 / 8 | 12% |
CM-12 | 1 / 8 | 12% |
CM-7 | 1 / 8 | 12% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- Winnti Group 0.23
- RedEcho 0.23
- FunnyDream 0.23
- CostaRicto 0.21
- Indian Critical Infrastructure Intrusions 0.18