APT28 is a threat actor attributed to RU, also known as Grizzly Steppe, IRON TWILIGHT, Group 74. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does APT28 exploit?

Specific CVE exploitation data for APT28 is being tracked. Check the Strobes VI threat actor profile for updates.

APT28

Also known as: Grizzly Steppe, IRON TWILIGHT, Group 74, BlueDelta, SNAKEMACKEREL, GruesomeLarch, Blue Athena, TG-4127, UAC-0001, ITG05, Fancy Bear, Fighting Ursa, Swallowtail, Forest Blizzard, Sednit, G0007, STRONTIUM, FANCY BEAR, SIG40, UAC-0028, APT-C-20, FROZENLAKE, T-APT-12, Pawn Storm, TA422, Tsar Team, ATK5, Sofacy

Exploited CVEs

Overview

The Sofacy Group (also known as APT28, Pawn Storm, Fancy Bear and Sednit) is a cyber espionage group believed to have ties to the Russian government. Likely operating since 2007, the group is known to target government, military, and security organizations. It has been characterized as an advanced persistent threat.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions

APT28

Ready for Agentic Automated Testing?

APT28