PROMETHIUM is an activity group that has been active as early as 2012. The group primarily uses Truvasys, a first-stage malware that has been in circu...

Threat Actor Profile

PROMETHIUM

State-sponsored threat group originating from TR. Uses 19 known MITRE ATT&CK techniques.

19 TTPs Mapped Real-Time Alerts

Actor Overview

Origin Country
TR
Known Techniques
19 TTPs

MITRE ATT&CK Techniques

T1547T1547.001T1543T1543.003T1587T1587.002T1587.003T1189T1036T1036.004T1036.005T1553T1553.002T1205T1205.001 +4 more

Related Threat Reports

Premium
APT Campaign Analysis - Q4 2025Dec 2025
New Tactics Observed in WildDec 2025
Infrastructure Mapping ReportDec 2025
Stay Updated

Get alerts when new intel on PROMETHIUM is published.

Actor Details

Primary Name
PROMETHIUM
Known Aliases
StrongPity, G0056
Data Source
Precursor Intelligence
Need API Access?

Integrate threat actor data into your SIEM or SOAR.

View Plans →