PROMETHIUM is an activity group that has been active since at least 2012. The group conducted a campaign in May 2016 and has heavily targeted Turkish victims. PROMETHIUM has demonstrated similarity to another activity group called NEODYMIUM due to overlapping victim and campaign characteristics. [1] [2]

ID: G0056
Version: 1.0


ID Name References Techniques
S0178 Truvasys [1] [2] Masquerading, Registry Run Keys / Startup Folder