A Timeline of APT28 Activity

APT28 (aka Fancy Bear, aka Pawn Storm, aka Sednit, aka Sofacy, aka Group 74, aka Sednit, aka Sofacy, aka Strontium, aka Threat Group-4127) finds its way into the news with some regularity. Most recently the group claimed to have released documents from the International Luge Federation. APT28 is probably best known for its attacks on the Democratic National Committee (DNC) and other political targets in 2016. The group has a reputation for being organized and stealthy in their campaigns. Their choice of targets often aligns with Russian geopolitical interests.

Below is an image that summarizes publicly known APT28 activity from 2014 to present:

Summary of APT28 Malicious Activity

Activities from APT28 have been covered by a number of information security research teams since first being reported on by Trend Micro in 2014. This corpus of information on the group is spread amongst a number of sources. The Anomali Labs team has compiled a timeline of all publicly known APT28 activities and shared it in this informative post in the Anomali Forum.


Cyber Threat Intelligence Malware Research ThreatStream

Related Content

Get the Anomali Newsletter

The latest Anomali updates and cybersecurity news, delivered straight to your inbox each month.