Ember Bear

Russian Federation


EMBER BEAR is an adversary group that has operated against government and military organizations in Eastern Europe since early 2021, likely with the initial goal of collecting intelligence from target networks. EMBER BEAR appears primarily motivated to weaponize accesses and data obtained during intrusions to support information operations (IO) aimed at creating public mistrust in targeted institu...

Community Identifiers



  • 20LJ43ZDRr
  • BPgnrTJ2zKXA
  • XqSGFHbsyiN9rnzMPuJRwUd


  • Tkgc0V5e4YmGhfI

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.