Skip to main content

Threat actor · G0035

Dragonfly

MITRE profile

Also known as TEMP.Isotope, DYMALLOY, Berserk Bear, TG-4192, Crouching Yeti, IRON LIBERTY, Energetic Bear, Ghost Blizzard, BROMINE.

Dragonfly is a cyber espionage group that has been attributed to Russia's Federal Security Service (FSB) Center 16. Active since at least 2010, Dragonfly has targeted defense and aviation companies, government entities, companies related to industrial control systems, and critical infrastructure sectors worldwide through supply chain, spearphishing, and drive-by compromise attacks.

ATT&CK techniques

56 mapped
T1003.002T1003.003T1003.004T1005T1012T1016T1018T1021.001T1033T1036.010T1053.005T1059T1059.001T1059.003T1059.006T1069.002T1070.004T1071.002T1074.001T1078T1083T1087.002T1098.007T1105T1110T1110.002T1112T1113T1114.002T1133T1135T1136.001T1187T1189T1190T1195.002T1203T1204.002T1210T1221T1505.003T1547.001T1560T1564.002T1566.001T1583.001T1583.003T1584.004T1588.002T1591.002T1595.002T1598.002T1598.003T1608.004T1685.005T1686