216.73.216.233

TEMP.Veles

· Published 16/12/2025 19:39 · Modified 27/03/2026 01:14 · Source: The MITRE Corporation

Essential information

Confidence
100/100
Published
16/12/2025 19:39
Modified
27/03/2026 01:14
Updated at
27/03/2026 01:14
Revoked
No
Author / Source
The MITRE Corporation
Resource level
Primary motivation
Related entities
2 attack patterns (mitre), 1 malware, 2 tool, 2 campaign

Aliases

XENOTIME

Description

[TEMP.Veles](https://attack.mitre.org/groups/G0088) is a Russia-based threat group that has targeted critical infrastructure. The group has been observed utilizing [TRITON](https://attack.mitre.org/software/S0609), a malware framework designed to manipulate industrial safety systems.(Citation: FireEye TRITON 2019)(Citation: FireEye TEMP.Veles 2018)(Citation: FireEye TEMP.Veles JSON April 2019)

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references

Related entities

Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.