Hello, everyone. I'm instructor Gerry Roberts, and this is Introduction to APT Groups.
In this video, we're gonna talk about how APT groups are tracked, and we're gonna look at some current APT groups to watch.
So first, how are APT groups tracked?
Well, typically, they're tracked by the government or some sort of security organization.
Groups are typically given a number, and then that is shared between those who track those groups.
For example, there's a group known as Reaper
that is also known as APT 37 or Group 37.
Current groups to watch.
So there are a couple of groups listed here. There are four of them. It's a short list of common actors.
The idea is to give you an example of current actors and what groups might look like.
Of course, always stay up to date on the threats that might impact you and your business.
So the first couple groups: Angler EK. Now, that may sound familiar because you might be familiar with the Angler attack kit.
So, this group used that kit with drive-by downloads in order to target random businesses and companies.
They're originally from the former USSR and were established in about 14 4015. Their motivation is financial gain.
The next group is known as Black Vine. They were established around 2012
and they're from around Beijing. We're not 100% sure exactly where, but we know it's somewhere around Beijing.
They use a couple different types of attacks. They use zero-day exploits, watering hole attacks, custom-developed malware such as Hurix, Sakurel and Mivast.
And they usually target aerospace, energy and healthcare organizations.
Their key motivation is cyber espionage.
Another couple groups: Butterfly.
Butterfly was established in 2012 and is primarily from China.
They use zero-day exploits
and custom-developed malware
such as OSX.Pintsized
and Backdoor.Jiripbot,
so you can see by the name of some of their malware, they also attack Mac systems in addition to your normal attacks on Windows and Linux systems.
Now their targets have actually been quite large. They've targeted Twitter, Facebook, Apple, Microsoft, and all of these they were able to compromise somewhere around 2013, early in the year.
They've also expanded into pharmaceutical, technology, law practices, oil, precious metal mining organizations, anywhere they can find some financial gain.
Their primary motivation has been financial gain and cyber espionage.
This group was established around 2011.
They're from around Eastern Europe.
They typically use spam email, watering hole attacks, and they've made their own custom malware tools.
The Trojan.Karagany and the Backdoor.Oldrea.
Their targets have been defense aviation in the U.S. and Canada,
and now they've moved to target some European energy firms as well.
Their motivation has been cyber espionage, specifically spying and sabotage.
It's time for our post assessment question.
How are APT groups typically classified?
Are they classified by their threat level,
their group number or name,
or their number of members?
I'll give you a moment to think on that one. You could also pause the video if you would like, and we'll come back to the answer in a moment.
That answer is B, group number or name. Typically, APT groups are classified by their name or their group number.
So when you go to look for information on them, you can find it quite easily by the name. Or, if you know their group number, you could find it by group number.