STRONTIUM

About:

• Strontium is also known as Fancy Bear, Tsar Team, Pawn Storm, Sofacy, Sednit or Advanced Persistent Threat 28 (APT28) group.
  
  
• It is a highly active and prolific cyber-espionage group. It is one of the most active APT groups and has been operating since at least the mid-2000s
  
  
• The group is said to be connected to the GRU, the Russian Armed Forces’ main military intelligence wing.
  
  

How does it attack networks?

• The group deploys diverse malware and malicious tools to breach networks. In the past, it has used X-Tunnel, SPLM (or CHOPSTICK and X-Agent), GAMEFISH and Zebrocy to attack targets.
  
  
• APT28 uses spear-phishing (targeted campaigns to gain access to an individual’s account) and zero-day exploits (taking advantage of unknown computer-software vulnerabilities) to target specific individuals and organisations.