
NEODYMIUM

NEODYMIUM is an activity group that conducted a campaign in May 2016 and has heavily targeted Turkish victims. The group has demonstrated similarity to another activity group called PROMETHIUM due to overlapping victim and campaign characteristics. [1] [2] NEODYMIUM is reportedly associated closely with BlackOasis operations, but evidence that the group names are aliases has not been identified. [3]

ID: G0055
Version: 1.0
Created: 16 January 2018
Last Modified: 25 March 2019

Software

| ID | Name | References | Techniques |
|---|---|---|---|
| S0176 | Wingbird | [1][2] | Boot or Logon Autostart Execution: LSASS Driver, Create or Modify System Process: Windows Service, Exploitation for Privilege Escalation, Hijack Execution Flow: DLL Side-Loading, Indicator Removal on Host: File Deletion, Process Injection, Software Discovery: Security Software Discovery, System Information Discovery, System Services: Service Execution |

References

  1. Microsoft. (2016, December 14). Twin zero-day attacks: PROMETHIUM and NEODYMIUM target individuals in Europe. Retrieved November 27, 2017.
  2. Anthe, C. et al. (2016, December 14). Microsoft Security Intelligence Report Volume 21. Retrieved November 27, 2017.
  3. Bing, C. (2017, October 16). Middle Eastern hacking group is using FinFisher malware to conduct international espionage. Retrieved February 15, 2018.

© 2015-2021, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

ATT&CK v8.2