Strontium — Threat Actor Profile, Campaigns & Targets

Threat entity extracted from intelligence sources

Frequency
11
occurrences
First Seen
February 3, 2026
Last Seen
May 14, 2026

Strontium is a apt_group tracked across 7 threat clusters and 11 intelligence report mentions on ThreatCluster. First observed February 3, 2026; most recent activity May 14, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • 621822 — www.cybersecuritydive.com · May 14, 2026
  • APT28 exploit routers to enable DNS hijacking operations — Wired-Gov · April 8, 2026
  • FBI Takes Down APT28 Network Behind Global DNS Hijacking Attacks — Thecyberexpress · April 8, 2026
  • Warning from UK: Russian cybercriminals hijack routers to steal passwords — Heise.De · April 7, 2026
  • Russian Hackers Exploiting Home and Small — Cybersecuritynews · April 7, 2026
  • Russian APT weaponizes critical Zimbra bug in Ukraine-targeted intrusions — Scworld · March 20, 2026
  • Russian hackers exploit Zimbra flaw in Ukrainian govt attacks — Bleepingcomputer · March 19, 2026
  • APT28 conducts long — Securityaffairs.Co · March 10, 2026

CVSS v3.1 Breakdown