MoustachedBouncer

MISP

Type:
Nation-state

Country:
BY

First seen:
Unknown

Details:

[MoustachedBouncer](https://attack.mitre.org/groups/G1019) is a cyberespionage group that has been active since at least 2014 targeting foreign embassies in Belarus.(Citation: MoustachedBouncer ESET August 2023)

MITRE ATT&CK: View on MITRE

Techniques Used (8)

ID	ATT&CK	Tactics
T1027.002	Software Packing	-
T1059.001	PowerShell	-
T1059.007	JavaScript	-
T1068	Exploitation for Privilege Escalation	-
T1074.002	Remote Data Staging	-
T1090	Proxy	-
T1113	Screen Capture	-
T1659	Content Injection	-

References (1)

welivesecurity.com - Moustachedbouncer Espionage Against Foreign Diplomats In Belarus

Related Malware (3)

Disco
other

NightClub
other

SharpDisco
other

Metadata

ID:	427
Created:	13/01/2026 17:48
Updated:	21/04/2026 04:00