APT 29 is a threat group that has been attributed to Russia’s Foreign Intelligence Service (SVR)
They have operated since at least 2008, often targeting government networks in Europe and NATO member countries, research institutes, and think tanks
History
Compromising the Democratic National Committee starting in the summer of 2015
Stealing COVID-19 vaccine data from the UK, Canada, and the US in 2020.
Conducting a massive supply chain compromise through SolarWinds software in 2020-2021, affecting thousands of organizations worldwide`
Aliases
APT 29 has been given various nicknames by different cybersecurity firms, such as Cozy Bear, CozyDuke, The Dukes, Dark Halo, StellarParticle, NOBELIUM, UNC2452, and YTTRIUM
These names may reflect different aspects of their malware toolsets, spearphishing campaigns, or infrastructure