BITTER

Threat Actor Profile Updated 25 days ago
Bitter, also known as T-APT-17, is a suspected South Asian threat actor that has been involved in various cyber campaigns. The group has been active since at least August 2021, with its operations primarily targeting government personnel in Bangladesh through spear-phishing emails. The similarities between the C2 server used in this campaign and those of Bitter's previous activities suggest a consistent pattern of behavior and provide moderate confidence that these actions are indeed conducted by the Bitter APT group.

The operations of Bitter have wider geopolitical implications. For instance, their activities coincide with a period of heightened tensions and conflicts worldwide, such as the ongoing war in Ukraine and past conflicts like the Korean War in the 1950s. This context suggests that Bitter, like other threat actors, may be exploiting global instability to advance their malicious objectives. It's important to note, however, that the direct connection between Bitter's activities and these geopolitical events is not explicitly established based on the provided information.

In addition to its technical capabilities, Bitter's operations underscore the broader challenges posed by disinformation and manipulation in the digital age. Accusations of media disinformation, election manipulation, and crackdowns on political dissent reflect the complex and multifaceted nature of the threats posed by entities like Bitter. As such, countering these actors requires not only robust cybersecurity measures but also efforts to promote transparency, accountability, and resilience in our digital information ecosystems.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Apt
Phishing
Exploit
Nuclear
Payload
Espionage
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the BITTER Threat Actor was read from the documents corpus below. This display is limited to 20 results.
Source (Created At): Title
MITRE (a year ago): Bitter APT adds Bangladesh to their targets
MITRE (a year ago): BITTER: a targeted attack against Pakistan
Securityaffairs (a year ago): Bitter APT group targets China’s nuclear energy sector
CERT-EU (a year ago): Alpilean Reviews -Alpine Ice Hack Method For Weight Loss Recipe Customer Results (2023 Update) | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker - National Cyber Security
InfoSecurity-magazine (a year ago): Raspberry Robin Adopts Unique Evasion Techniques
CERT-EU (a year ago): APT Cloud Atlas: Unbroken Threat
CERT-EU (a year ago): China’s Nuclear Energy Sector Targeted in Cyberespionage Campaign
CERT-EU (a year ago): Meta Cracks Down on South Asian Cyberespionage Groups
Checkpoint (a year ago): Raspberry Robin: Anti-Evasion How-To & Exploit Analysis - Check Point Research
CERT-EU (a year ago): Links 22/02/2023: KDE Plasma 5.27.1 and New Fears Over Nukes
CERT-EU (a year ago): A Second Front: EU-Ukraine Cooperation in the Internal Security Domain
MITRE (a year ago): Exchange servers under siege from at least 10 APT groups | WeLiveSecurity
CERT-EU (a year ago): Italy PM Meloni urges India to play key role in ending Ukraine war
MITRE (a year ago): Bisonal: 10 years of play
CERT-EU (a year ago): Farmworkers in Canada Hack Menus, Protest for Better Labor Conditions | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker - National Cyber Security
CERT-EU (a year ago): NSA cyber director warns of ransomware attacks on Ukraine, Western supply chains
MITRE (a year ago): Bisonal Malware Used in Attacks Against Russia and South Korea
CERT-EU (a year ago): Prince Harry, the future king and a deal with Rupert
CERT-EU (7 months ago): DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan
CERT-EU (4 months ago): In the new Cologne “Tatort” Ballauf and Schenk meet the Wolf of Wall Street – Tripoli Post