Crouching Yeti
Affiliations
  • Also known as Energetic Bear, Dragonfly, Group 24, and Koala Team. Possibly associated with Allanite and Dymalloy. Believed to be behind the targeting of critical infrastructure entities in the United States and Germany, prompting both countries to issue technical alerts
This threat actor targets companies in the education, energy, construction, information technology, and pharmaceutical sectors for the purposes of espionage. It uses malware tailored to target industrial control systems.
Suspected victims
  • United States
  • Germany
  • Turkey
  • China
  • United Kingdom
  • Spain
  • France
  • Ireland
  • Russia
  • Greece
  • Japan
  • Italy
  • Poland
  • Ukraine
Suspected state sponsor
  • Russian Federation
Type of incident
  • Espionage
Target category
  • Private sector
  • Government