APT29 aka Nobelium, Cozy Bear

Nobelium, also known as APT29, is a cyber espionage group believed to be operated by the Russian government (Foreign Intelligence Service of the Russian Federation). It is known for conducting sophisticated, targeted cyber attacks against governments, non-governmental organizations, businesses, think tanks, the military, IT service providers, health technology and research organizations, telecommunications providers and other organizations.

Nobelium typically uses spearphishing campaigns and other tactics to gain initial access to target networks, and then uses a range of tools and techniques to move laterally within the network and exfiltrate sensitive data. The group is known for its ability to operate covertly and evade detection for extended periods of time.

NOBELIUM’s Envyscout infection chain goes in the registry, targeting embassies.

The group has been active since at least 2004, and it has been linked to a number of high-profile cyberattacks, including the SolarWinds hack in 2020, which affected numerous government agencies and private companies in the United States.

For more details, you can read this article in which our TDR team reports on a campaign linked to Nobelium.

We are a cybersecurity software publisher. We provide SOC and MSSP teams with a turnkey operational security platform (SOC platform). Through our XDR platform, CTI tool and threat intelligence platform, we enable our users to neutralize cyber threats, regardless of the attack surface.

Other Terms

CTI (Cyber Threat Intelligence)

Cyber Threat Intelligence (CTI) covers cyber threat research, analysis and modeling. It is used to prevent and detect computer attacks.

APT31 (Advanced Persistent Threat 31)

APT31 (also known as Zirconium or Judgment Panda) is an Advanced Persistent Threat group whose mission is likely to gather intelligence on behalf of the Chinese government.
