Red October
0 incidentes
0 paises
0 sectores
apt RU Ultimo: -
Aliases: Blue Odin, G0100, Cloud Atlas, APT REDOCTOBER, "RSA incident", "Red October", referencias a dominios como www
Red October is a cyber espionage campaign first publicly identified by Kaspersky Lab in January 2013, though forensic evidence indicates its operations began as early as May 2007. Assessed with high confidence to be of Russian origin, the group's primary motivation is intelligence gathering, specifically targeting diplomatic, governmental, and scientific research organizations. What distinguishes Red October is its highly modular and adaptable attack platform, internally dubbed "Rocra," designed for resilient intelligence collection and capable of recovering access to compromised systems even after command-and-control infrastructure is disrupted. The initial campaign largely ceased after its public exposure; however, a successor campaign known as Cloud Atlas emerged in 2014, exhibiting strong technical and targeting similarities, suggesting continued operations by the same or a closely related group.
Canales, DLS e infraestructura asociada
Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.
| Tipo | Estado | Host / enlace | Title / ultimo titulo |
| DLS / leak site | up | www.alienvault.com | APT REDOCTOBER indicators and references |
| Repositorio | up | github.com | APT REDOCTOBER indicators and references |
| DLS / leak site | up | raw.githubusercontent.com | APT REDOCTOBER indicators and references |
Paises objetivo (SOCRadar)
United Arab EmiratesAfghanistanAlbania
ArmeniaAngola
Argentina
Austria
Australia
AzerbaijanBosnia and Herzegovina
Sectores objetivo (SOCRadar)
Construction of BuildingsOther Information ServicesAccommodationAir TransportationManufacturingConstructionPublic AdministrationOil & GasEducational ServicesWholesale Trade