Latest indicators of compromise for malware used by APT28

The document provides an overview of the actor and information about associated malware and tooling, with indicators of compromise and signatures that can be used to detect the potential presence of the actor on a network.

It concludes with mitigation guidelines for protecting networks against activity by APT28 and other hostile actors.

Download the PDF, which contains the APT28 indicators of compromise:



NCSC_APT28_v2

Source of the IOC:

  • https://www.ncsc.gov.uk/alerts/indicators-compromise-malware-used-apt28