Discover and read the best of Twitter Threads about #GTsST
Most recents (2)
We have become aware of a large #ICS/#SCADA malware project apparently conducted under a state contract on behalf of the Russian General Staff Main Intelligence Directorate (#GRU), Main Centre for Special Technologies (#GTsST), military unit 74455.
This military unit also known as #Sandworm is located at the GRU Ulitsa Kirova facility in the Khimki suburb of Moscow. In the past Sandworm has targeted ICS/SCADA, one of the most renowned being the #INDUSTROYER2 hacking attempt of a Ukrainian electrical substation in April 22.
The ongoing project is to cost more than 100 million rubles across three phases and undertaken by several technical defense contractors.
Znatok is fully featured has interface for “Commander” to assign tasking to a team. Look military. If #Sandworm is #GRU cyber then could fit
See BASHNYA as project name or user. Still work on functionality of framework. More soon #ThreatIntel #Sandworm
Bashnya is Башня. This translate from Russia is “Tower”. GTsST GRU Unit 74455 linked to Sandworm has HQ at the “Tower”, 22 Kirova Street in Khimki Moscow. Think Bashnya/Tower is code for end user of Znatok #ThreatIntel #Sandworm #GRU
