Awaken Likho

Threat Actor updated 3 months ago (2024-11-29T13:56:47.173Z)
Download STIX
Preview STIX
Awaken Likho, a threat actor identified as an Advanced Persistent Threat (APT) group, has been active since at least July 2021, primarily targeting government organizations and contractors. This cyber adversary gained significant attention after ramping up its activities following the onset of the Russo-Ukrainian conflict. Awaken Likho operators typically employ search engines to gather extensive information about their victims, crafting convincing messages to further their malicious campaigns. The group, also referred to as Core Werewolf by some vendors, is known for its ability to adjust its Tactics, Techniques, and Procedures (TTPs) to maintain effectiveness. A new Awaken Likho campaign was discovered in May 2024, where slight adjustments were observed in the group's TTPs. This evolution in strategy indicates the group's adaptability and persistent threat. In June 2024, another campaign was uncovered, showcasing further modifications in its TTPs. This campaign is still ongoing, reflecting the group's relentless pursuit of its objectives. Our team has been actively tracking these campaigns since their inception and published three detailed reports in August and September 2024 through our threat research subscription service. Given the group's history and demonstrated capabilities, we expect Awaken Likho to continue its malicious operations, specifically targeting and infiltrating selected infrastructure in future attacks. Based on the used TTPs and victim information, we hold with high confidence that Awaken Likho is behind these campaigns. As such, organizations, particularly those in government sectors and related contractors, are urged to remain vigilant and adopt robust cybersecurity measures to mitigate potential threats.
Description last updated: 2024-11-28T11:44:58.310Z
What's your take? (Question 1 of 1)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Core Werewolf is a possible alias for Awaken Likho.
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Apt
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Awaken Likho Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more