Sea Turtle
Sea Turtle is a Türkiye-linked threat actor active since at least 2017 performing espionage and service provider compromise operations against victims in Asia, Europe, and North America. Sea Turtle is notable for targeting registrars managing ccTLDs and complex DNS-based intrusions where the threat actor compromised DNS providers to hijack DNS resolution for ultimate victims, enabling Sea Turtle to spoof log in portals and other applications for credential collection.
Attribution signal
?Score = mentions × confidence weight, summed across all attributed sources. Higher source diversity increases the score.≥ 10 High≥ 3 Moderate< 3 Low0.0
None signal strength
Mentions0
Sources0
High conf.0
First observed
2024-11-20
Last active
—
Origin
Turkey
Aliases
5
Techniques
27
Campaigns
0
Turkey
Attribution signals
No attribution signals extracted yet — signals populate automatically as articles are processed.