🇷🇺

ItaDuke

APT Group Information theft and espionage ETDA ✓

Also Known As 2 names

DarkUniverse SIG27

Target Countries 6

Countries highlighted in red

Afghanistan Belarus Ethiopia Islamic Republic of Iran Sudan United Republic of Tanzania

Sectors Targeted

Defense civilian

Details

Origin 🇷🇺 RU
Last Updated 29 Dec 2025

MITRE ATT&CK 162

T1001 T1001.002 T1003 T1003.002 T1003.004 T1003.006 T1005 T1016 T1016.001 T1018 T1021 T1021.001 T1021.002 T1021.006 T1021.007 T1027 - Obfuscated Files or Information T1027.001 T1027.002 T1027.003 T1027.006 T1036 T1036.004 T1036.005 T1037 T1037.004 T1047 T1048 T1048.002 T1053 T1053.005 T1055 - Process Injection T1057 T1059 T1059.001 - PowerShell T1059.003 T1059.005 T1059.006 T1059.009 T1068 T1069 T1069.002 T1070 T1070.004 T1070.006 T1070.008 T1071 T1071.001 - Web Protocols T1074 T1074.002 T1078 T1078.002 T1078.003 T1078.004 T1083 T1087 T1087.002 T1087.004 T1090 T1090.001 T1090.002 T1090.003 T1090.004 T1098 T1098.001 T1098.002 T1098.003 T1098.005 T1102 T1102.002 T1105 - Ingress Tool Transfer T1110 T1110.001 T1110.003 T1114 T1114.002 T1133 T1136 T1136.003 T1140 T1190 T1195 T1195.002 T1199 T1203 T1204 T1204.001 T1204.002 T1210 T1213 T1213.003 T1218 T1218.005 T1218.011 T1482 T1484 T1484.002 T1505 T1505.003 T1528 T1539 T1546 T1546.003 T1546.008 T1547 T1547.001 T1548 T1548.002 T1550 T1550.001 T1550.003 T1550.004 T1552 T1552.004 T1553 T1553.002 T1553.005 T1555 T1555.003 T1556 T1556.007 T1558 T1558.003 T1560 T1560.001 T1562 T1562.001 T1562.002 T1562.004 T1562.008 T1566 T1566.001 T1566.002 T1566.003 T1568 T1573 T1583 T1583.001 T1583.006 T1584 T1584.001 T1585 T1585.001 T1586 T1586.002 T1586.003 T1587 T1587.001 T1587.003 T1588 T1588.002 T1589 T1589.001 T1595 T1595.002 T1606 T1606.001 T1606.002 T1621 T1649 T1651 T1665 T1680

Related Zero-Days

No zero-day CVE linked to this actor