More about the Crouching Yeti group, its tactics, techniques, procedures and tools
Interest in OPC/SCADA: trojanized versions of software used to administer remote OPC servers, as well as modules that scan networks for OPC servers.
Russian-speaking authors
An APT actor active since 2010 that launches information-stealing campaigns. By repackaging legitimate software installers and utilizing waterhole attacks, the group installs backdoors in targeted systems. The primary victims are organizations representing the industrial/machinery building sector of European countries, the US, China, and Japan.