WASSONITE

Dragos identified the WASSONITE activity group following a malware intrusion at the Kudankulam Nuclear Power Plant (KKNPP) nuclear facility in India. After further investigation, Dragos observed WASSONITE tools and behaviors targeting multiple industrial control system (ICS) entities including electric generation, nuclear energy, manufacturing, and organizations involved in space-centric research. WASSONITE has been active since at least 2018.

2020-05-30 • DragosWASSONITE Threat Group

Related Actors

Related Reports in This Cluster

Top Authors

View WASSONITE reports only

2026-06-19
Blackfog
#Lazarus #Trend
2026-06-18
Red Asgard
#Lazarus #Podcast
2026-06-18
OSM
#Mastra #NPM #SupplyChain #Lazarus #T1195.001 #T1555 #T1105 #T1059.007
2026-06-16
Ahnlab
#Trend #Lazarus #FamousChollima #Kimsuky #TA-RedAnt
2026-06-16
Ahnlab
#Lazarus #FamousChollima #Kimsuky #TA-RedAnt #Trend
2026-06-12
i QBlack
#Kimsuky #Lazarus #Suspicious
2026-06-11
Red Asgard
#Lazarus #Podcast
2026-06-09
Crowd Strike
#FamousChollima #LabyrinthChollima #StardustChollima #Trend
2026-06-08
OSM
#Lazarus #ContagiousInterview #NPM #PyPI #Trend #PolinRider #TasksJacker
2026-06-06
Red Asgard
#Lazarus #OtterCookie #Podcast
2026-06-03
Sonatype
#Lazarus #NPM #SupplyChain #T1195 #T1059.007 #T1027 #T1105
2026-06-03
Pure Fi
#Lazarus
2026-06-03
Qihoo360
#APT-C-26 #CVE-2025-55182 #T1406
2026-05-29
SOCRadar
#Lazarus #TraderTraitor #UNC1069 #DriftProtocol #KelpDAO #Axios #NPM #SupplyChain #WAVESHAPER #Trend
2026-05-29
Poly Swarm
#Lazarus #RemotePE #AppleJeus #CitrineSleet #UNC4736 #GleamingPisces #Finance #Cryptocurrency #Fileless #Espionage #FinancialGain #PondRAT #ThemeForestRAT #POOLRAT #T1055 #T1071.001 #T1027 #T1562.006

View WASSONITE reports only