Blog

A Timeline of APT28 Activity

Anomali
February 22, 2018
Table of contents
<p><strong>APT28</strong> (aka Fancy Bear, aka Pawn Storm, aka Sednit, aka Sofacy, aka Group 74, aka Sednit, aka Sofacy, aka Strontium, aka Threat Group-4127) finds its way into the news with some regularity. Most recently the group claimed to have released documents from the International Luge Federation. APT28 is probably best known for its attacks on the Democratic National Committee (DNC) and other political targets in 2016. The group has a reputation for being organized and stealthy in their campaigns. Their choice of targets often aligns with Russian geopolitical interests.</p><p>Below is an image that summarizes publicly known APT28 activity from 2014 to present:</p><p style="text-align: center;"><img alt="" src="https://cdn.filestackcontent.com/ietdH7dbRVSf05YW6MLD"/></p><p style="text-align: center;"><em>Summary of APT28 Malicious Activity</em></p><p>Activities from APT28 have been covered by a number of information security research teams since first being reported on by Trend Micro in 2014. This corpus of information on the group is spread amongst a number of sources. The Anomali Labs team has compiled a timeline of all publicly known APT28 activities and shared it in this informative <a href="https://forum.anomali.com/t/apt28-timeline-of-malicious-activity/2019" target="_blank">post in the </a><a href="https://forum.anomali.com/t/apt28-timeline-of-malicious-activity/2019" target="_blank">Anomali</a><a href="https://forum.anomali.com/t/apt28-timeline-of-malicious-activity/2019" target="_blank"> Forum</a>.</p>
Anomali

Anomali's AI-Powered Platform brings together security and IT operations and defense capabilities into one proprietary cloud-native big data solution. Anomali's editorial team is comprised of experienced cybersecurity marketers, security and IT subject matter experts, threat researchers, and product managers.

Propel your mission with amplified visibility, analytics, and AI.

Learn how Anomali can help you cost-effectively improve your security posture.

February 22, 2018
-
Anomali
,

A Timeline of APT28 Activity

<p><strong>APT28</strong> (aka Fancy Bear, aka Pawn Storm, aka Sednit, aka Sofacy, aka Group 74, aka Sednit, aka Sofacy, aka Strontium, aka Threat Group-4127) finds its way into the news with some regularity. Most recently the group claimed to have released documents from the International Luge Federation. APT28 is probably best known for its attacks on the Democratic National Committee (DNC) and other political targets in 2016. The group has a reputation for being organized and stealthy in their campaigns. Their choice of targets often aligns with Russian geopolitical interests.</p><p>Below is an image that summarizes publicly known APT28 activity from 2014 to present:</p><p style="text-align: center;"><img alt="" src="https://cdn.filestackcontent.com/ietdH7dbRVSf05YW6MLD"/></p><p style="text-align: center;"><em>Summary of APT28 Malicious Activity</em></p><p>Activities from APT28 have been covered by a number of information security research teams since first being reported on by Trend Micro in 2014. This corpus of information on the group is spread amongst a number of sources. The Anomali Labs team has compiled a timeline of all publicly known APT28 activities and shared it in this informative <a href="https://forum.anomali.com/t/apt28-timeline-of-malicious-activity/2019" target="_blank">post in the </a><a href="https://forum.anomali.com/t/apt28-timeline-of-malicious-activity/2019" target="_blank">Anomali</a><a href="https://forum.anomali.com/t/apt28-timeline-of-malicious-activity/2019" target="_blank"> Forum</a>.</p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.