G1002 · 16 ATT&CK techniques · 0 correlated reports

BITTER

Aliases: T-APT-17

BITTER is a suspected South Asian cyber espionage threat group that has been active since at least 2013. BITTER has targeted government, energy, and engineering organizations in Pakistan, China, Bangladesh, and Saudi Arabia.

Open interactive actor investigation

ATT&CK techniques

T1105
Ingress Tool Transfer T1071.001
Web Protocols T1588.002
Tool T1568
Dynamic Resolution T1566.001
Spearphishing Attachment T1204.002
Malicious File T1027.013
Encrypted/Encoded File T1573
Encrypted Channel T1068
Exploitation for Privilege Escalation T1036.004
Masquerade Task or Service T1608.001
Upload Malware T1559.002
Dynamic Data Exchange T1203
Exploitation for Client Execution T1583.001
Domains T1053.005
Scheduled Task T1095
Non-Application Layer Protocol

Correlated CTI and IR reports

Continue the investigation

Interactive ThreatMapper ThreatMapper documentation CTI Analyst Field Manual Israel Threat Actors CTI Anomaly Detection Atlas ITDR Handbook 1200km Medium research