Velvet Ant
MITRE
Tipo:
Unknown
Unknown
Paese:
Unknown
Unknown
Prima attivita:
Unknown
Unknown
Dettagli:
[Velvet Ant](https://attack.mitre.org/groups/G1047) is a threat actor operating since at least 2021. [Velvet Ant](https://attack.mitre.org/groups/G1047) is associated with complex persistence mechanisms, the targeting of network devices and appliances during operations, and the use of zero day exploits.(Citation: Sygnia VelvetAnt 2024A)(Citation: Sygnia VelvetAnt 2024B)
MITRE ATT&CK:
View on MITRE
Tecniche Utilizzate (22)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1021.002 | SMB/Windows Admin Shares | - |
| T1036.005 | Match Legitimate Resource Name or Location | - |
| T1037.004 | RC Scripts | - |
| T1040 | Network Sniffing | - |
| T1047 | Windows Management Instrumentation | - |
| T1049 | System Network Connections Discovery | - |
| T1055 | Process Injection | - |
| T1059.004 | Unix Shell | - |
| T1071 | Application Layer Protocol | - |
| T1078.003 | Local Accounts | - |
| T1083 | File and Directory Discovery | - |
| T1090.001 | Internal Proxy | - |
| T1132 | Data Encoding | - |
| T1133 | External Remote Services | - |
| T1211 | Exploitation for Defense Evasion | - |
Malware Utilizzato (2)
Metadata
| ID: | 869 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |