Threat actor · all actors
Nomadic OctopusG0133 unknown
aka Nomadic Octopus, DustSquad
Last updated: 2026-07-03
1attributed CVEs
11ATT&CK techniques
3.6IDF score (tooling uniqueness)
0exclusive CVEs
2026years active
About this actor
[Nomadic Octopus](https://attack.mitre.org/groups/G0133) is a Russian-speaking cyber espionage threat group that has primarily targeted Central Asia, including local governments, diplomatic missions, and individuals, since at least 2014. [Nomadic Octopus](https://attack.mitre.org/groups/G0133) has been observed conducting campaigns involving Android and Windows malware, mainly using the Delphi programming language, and building custom variants.(Citation: Security Affairs DustSquad Oct 2018)(Citation: Securelist Octopus Oct 2018)(Citation: ESET Nomadic Octopus 2018)
Source: MITRE ATT&CK
Activity timeline
- 2026 — 1 CVE published
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
CVE-2026-8732 | 7.0 | 9.8 | 0.0946 | 2026-05-29 | see CVE |
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
CM-2 | 9 / 11 | 82% |
CM-6 | 9 / 11 | 82% |
SI-3 | 9 / 11 | 82% |
SI-4 | 9 / 11 | 82% |
CA-7 | 7 / 11 | 64% |
SI-10 | 7 / 11 | 64% |
SI-7 | 7 / 11 | 64% |
CM-7 | 6 / 11 | 55% |
AC-4 | 5 / 11 | 45% |
IA-9 | 5 / 11 | 45% |
SC-7 | 5 / 11 | 45% |
SI-2 | 5 / 11 | 45% |
AC-2 | 4 / 11 | 36% |
AC-3 | 4 / 11 | 36% |
AC-6 | 4 / 11 | 36% |
Co-occurring actors
- Elderwood 1 shared CVEs
Similar actors
Similar TTPs
- DarkHydrus 0.53
- TA459 0.46
- Gorgon Group 0.42
- Water Curupira Pikabot Distribution 0.39
- Gallmaker 0.38
Overlapping CVEs
- Elderwood 1.00
Active in same years
- Operation Dream Job 1.00
- SolarWinds Compromise 1.00
- C0027 1.00
- SharePoint ToolShell Exploitation 1.00
- Ke3chang 1.00