Research, White Paper March 5, 2024

A technical analysis of the APT28’s backdoor called OCEANMAP

Late last year, the Computer Emergency Response Team of Ukraine (CERT-UA) released an advisory reporting cyberattacks on state organizations that were attributed to the Russian espionage group APT28, also known as Fancy Bear/Sofacy. The advisory listed the use of a new backdoor named “OCEANMAP.” Download this whitepaper to explore a technical analysis of APT28’s tactics, techniques, and procedures.