Threat Actor Profile

APT29

State-sponsored threat group originating from RU. Suspected sponsor: Russian Federation. Known to target Government, Private sector. Uses 160 known MITRE ATT&CK techniques.

160 TTPs Mapped 2 Industries Tracked Real-Time Alerts

OriginRU

160MITRE TTPs

2Sectors Hit

Actor Overview

Origin Country

Suspected Sponsor

Russian Federation

Incident Types

Espionage

Known Techniques

160 TTPs

Target Industries

GovernmentPrivate sector

Suspected Victims

United StatesChinaNew ZealandUkraineRomaniaGeorgiaJapanSouth KoreaBelgiumKazakhstanBrazilMexicoTurkeyPortugalIndiaGermany

MITRE ATT&CK Techniques

T1136T1584T1136.003T1548T1548.002T1087T1087.002T1087.004T1098T1098.001T1098.002T1098.003T1098.005T1583T1583.001 +145 more

Related Threat Reports

Premium

APT Campaign Analysis - Q4 2025Dec 2025

New Tactics Observed in WildDec 2025

Infrastructure Mapping ReportDec 2025

Stay Updated

Get alerts when new intel on APT29 is published.

Actor Details

Primary Name

APT29

Known Aliases

Group 100, COZY BEAR, The Dukes, Minidionis, SeaDuke, YTTRIUM, IRON HEMLOCK, Grizzly Steppe, G0016, ATK7, Cloaked Ursa, TA421, Blue Kitsune, ITG11, BlueBravo, Nobelium, UAC-0029

Data Source

Precursor Intelligence

Need API Access?

Integrate threat actor data into your SIEM or SOAR.

View Plans →