Attacks by Silence

A comprehensive technical analysis of Silence’s tools, tactics, and evolution. This is the first time Group−IB’s reports of this kind have been made publicly available.


In September 2018, Group-IB released Silence: Moving into the darkside, the first comprehensive technical report on the group’s attacks. The analysis remains the most complete source of technical information about the infrastructure and tools the cybercriminals used between June 2016 and April 2018.

Since that time, however, the geography of the group’s attacks, some of their tools, and other important elements characteristic of Silence have changed. Group-IB experts continuously monitor the cybercriminals’ activities and in August 2019 published Silence 2.0: Going global, an additional report about the threat actor’s evolution, tactical changes, and new targets.

Group-IB’s solutions

With the most extensive expertise on the group’s activities, and experience in responding to their attacks, Group-IB experts help combat threats at different stages:

A comprehensive technical analysis of Silence

For the first time in its history, Group-IB has made both reports publicly available with no registration needed, with the aim of helping researchers detect attacks at early stages and correctly attribute them. YARA and Suricata rules, however, are only available to Group‑IB Threat Intelligence & Attribution customers.

Report an incident

Get 24/7 incident response assistance from our global team

APAC: +65 3159-3798
Europe: +31 20 226-90-90
EMA: +971 4 508 1605

Thank you for filling out the form! We will get back to you shortly.

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

All you need to know to #StayCyberSafe