TaskMasters

BlueTraveller

  • AM
    Armenia
  • BY
    Belarus
  • KZ
    Kazakhstan
  • KG
    Kyrgyzstan
  • MD
    Moldova
  • MN
    Mongolia
  • RU
    Russia
  • VN
    Vietnam
  • TJ
    Tajikistan
  • UZ
    Uzbekistan

General description

The cyber-espionage group TaskMasters was discovered in 2018 by PT Expert Security Center specialists. The group has been active at least since 2010. The targeted organizations include major industrial and energy enterprises, public structures, and transport companies. The group attacks companies of various countries, although most victims are in Russia and CIS countries.

Objectives

  • Espionage

Tools

  • Service utility
  • RemShell downloader
  • RemShell backdoor
  • PhantomShell backdoor
  • InteractiveShell backdoor

Targeted countries

  • AM
    Armenia
  • BY
    Belarus
  • KZ
    Kazakhstan
  • KG
    Kyrgyzstan
  • MD
    Moldova
  • MN
    Mongolia
  • RU
    Russia
  • VN
    Vietnam
  • TJ
    Tajikistan
  • UZ
    Uzbekistan

Alternative names

  • BlueTraveller
Targeted sectors:
  • Manufacturing and industry
  • The energy sector
  • State structures
  • Transportation companies

MITRE ATT&CK techniques, used by the group