TeamSpy TeamSpy

  • First known sample

  • Discovery

  • Number of targets

  • Current status

    Inactive since 2014
  • Type

    Remote administration tool
  • Targeted platforms

  • TOP targeted countries

    Cambodia , Eastern Europe
  • The way of propagation

    Exploits , Social engineering
  • Purpose/Functions

    Cyberespionage , Data wiping
  • Special features
    The attackers control the victims’ computers remotely using the legal remote administration tool TeamViewer. This application is signed with legitimate digital certificates and is used by more than 100 million users around the world.
  • Targets

    Activists , Heavy industry manufacturers , Intelligence agencies
  • Artefacts/Attribution
    Russian-speaking authors
  • Description

    A cyber-surveillance operation targeting high-level political and human rights activists throughout the CIS region and Eastern European nations, as well as government agencies and private companies. The attacks have been ongoing for almost a decade and make use of the legal remote administration tool TeamViewer to control the victims’ computers remotely.

    Additional information