Magnallium

Threat Actor Profile Updated 24 days ago
Magnallium, also known as Elfin, is a significant threat actor that has been active in the cybersecurity landscape. This entity, which could be an individual, a private company, or part of a government organization, has been identified as executing actions with malicious intent. A noticeable surge in its activity was observed in early to mid-2019, aligning it with similar patterns seen with other threat groups such as HEXANE and CHRYSENE. The lack of standard naming conventions in the cybersecurity industry can lead to confusion, but regardless of nomenclature, the activities of Magnallium pose a substantial risk.

The similarities between the activities of Magnallium and those of HEXANE and CHRYSENE are noteworthy. These parallels suggest potential shared tactics, techniques, or procedures (TTPs) among these groups or possibly even common origins or affiliations. Understanding these connections could provide valuable insights into the broader threat landscape and aid in the development of more effective defensive strategies.

Despite the increased activity of Magnallium, PARISITE, another threat actor, does not currently appear to have an Industrial Control System (ICS)-specific disruptive or destructive capability. Instead, it seems to function primarily as a tool for initial access, enabling further operations for Magnallium. This relationship suggests a level of cooperation or coordination among threat actors, underscoring the complexity of the cybersecurity landscape and the need for robust, multi-faceted defense strategies.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Magnallium Threat Actor was read from the documents corpus below.
Source     Created At    Title
MITRE      a year ago    HEXANE Threat Group | Dragos
CERT-EU    a year ago    Connect the Dots on State-Sponsored Cyber Incidents - APT 33
MITRE      a year ago    PARISITE Threat Group | Dragos