espionage
RussiaThreat Actor
RussiaThreat ActorActive Threat
APT28
124
IOCs Tracked
13
Intel Reports
Associated IOCs50 total
IP16
95.179.213.0
2026-06-03High45.93.20.1412026-06-03High77.91.65.31
2026-06-03High152.89.244.70
2026-06-03High45.144.233.1922026-06-03High62.164.177.230
2026-06-03High185.196.0.11
2026-06-03High62.60.131.161
2026-06-03High193.58.122.972026-06-03High91.202.233.206
2026-06-03High193.35.17.12
2026-06-03High45.11.89.19
2026-06-03High45.32.144.2552026-06-03High185.102.115.272026-06-03High193.222.99.2122026-06-03High45.77.31.210
2026-06-03HighDomain27
helpdeskpulse.com2026-06-03High
anthonydee.com2026-06-03High
macosx-app.com2026-06-03High
yvngvualr.com2026-06-03High
birdrepgo.com2026-06-03High
nobovcs.com2026-06-03High
extracareliving.com2026-06-03High
admin-activitycheck.com2026-06-03High
mac-os-helper.com2026-06-03High
safe-dns.it.com2026-06-03High
valetfortesla.com2026-06-03High
cdncheck.it.com2026-06-03High
acconthelpdesk.com2026-06-03High
customblindinstall.com2026-06-03High
guypinions.com2026-06-03High
sign-in-op-token.com2026-06-03High
macosxappstore.com2026-06-03High
cryptoinfnews.com2026-06-03High
appmacintosh.com2026-06-03High
nowbirdrank.com2026-06-03High
birdreplab.com2026-06-03High
thepulseactivity.com2026-06-03High
appsmacosx.com2026-06-03High
deinhealthcoach.com2026-06-03High
traderslinkfx.com2026-06-03High
temp.sh2026-06-03High
vipbirdrank.com2026-06-03High
URL4
Related Reports13 total
APT28 Weaponizes Outlook Zero-Click Flaw to Steal Net-NTLMv2 Hashes From NATO Targets
Cyber PressJun 12, 2026
APT28, an evolution of tradecraft
Sekoia BlogJun 11, 2026
February 2026 CVE Landscape: 13 Critical Vulnerabilities Mark 43% Drop from January
Recorded Future BlogMar 12, 2026
ClickFix Campaigns Targeting Windows and macOS
Recorded Future BlogMar 25, 2026
January 2026 CVE Landscape: 23 Critical Vulnerabilities Mark 5% Increase, APT28 Exploits Microsoft Office Zero-Day
Recorded Future BlogFeb 24, 2026
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks
Microsoft Threat IntelligenceApr 7, 2026
APT28: Geofencing as a Targeting Signal (CVE-2026-21509 Campaign)
Synaptic SystemsFeb 3, 2026
UAC-0184: From HTA to a Signed Network Stack
Synaptic SystemsMay 18, 2026
From APT28 to RePythonNET: automating .NET malware analysis
Sekoia BlogApr 16, 2026
NSFOCUS Monthly APT Insights – March 2026
NSFOCUS Security LabsMay 28, 2026
Operation MacroMaze: new APT28 campaign using basic tooling and legit infrastructure
Lab52Feb 13, 2026
Cyber Conflict Briefing Q4 2025
DCSO CyTec BlogFeb 13, 2026
Cyber Conflict Briefing Q3 2025
DCSO CyTec BlogNov 18, 2025
Threat Profile
Motivationespionage
OriginRussia
RussiaLast seenJun 2026
IOCs tracked124