Group description: Poseidon Group

Poseidon Group, Group G0033 | MITRE ATT&CK®

Poseidon Group

Poseidon Group is a Portuguese-speaking threat group that has been active since at least 2005. The group has a history of using information exfiltrated from victims to blackmail victim companies into contracting the Poseidon Group as a security firm. [1]

ID: G0033
Version: 1.1
Created: 31 May 2017
Last Modified: 25 April 2025

Techniques Used

Domain | ID | Name | Use
Enterprise | T1087.001 | Account Discovery: Local Account | Poseidon Group searches for administrator accounts on both the local victim machine and the network. [1]
Enterprise | T1087.002 | Account Discovery: Domain Account | Poseidon Group searches for administrator accounts on both the local victim machine and the network. [1]
Enterprise | T1059.001 | Command and Scripting Interpreter: PowerShell | The Poseidon Group's Information Gathering Tool (IGT) includes PowerShell components. [1]
Enterprise | T1036.005 | Masquerading: Match Legitimate Resource Name or Location | Poseidon Group tools attempt to spoof anti-virus processes as a means of self-defense. [1]
Enterprise | T1003 | OS Credential Dumping | Poseidon Group conducts credential dumping on victims, with a focus on obtaining credentials belonging to domain and database servers. [1]
Enterprise | T1057 | Process Discovery | After compromising a victim, Poseidon Group lists all running processes. [1]
Enterprise | T1049 | System Network Connections Discovery | Poseidon Group obtains and saves information about victim network interfaces and addresses. [1]
Enterprise | T1007 | System Service Discovery | After compromising a victim, Poseidon Group discovers all running services. [1]

References

[1] Kaspersky Lab's Global Research and Analysis Team. (2016, February 9). Poseidon Group: a Targeted Attack Boutique specializing in global cyber-espionage. Retrieved March 16, 2016.