Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-06 00:53:29 UTC
Home > List all groups > List all tools > List all groups using tool PowerDuke
 Tool: PowerDuke
Names PowerDuke
Category Malware
Type Backdoor
Description
(Volexity) The PowerDuke backdoor boasts a pretty extensive list of features that allow
the Dukes to examine and control a system. Volexity suspects the feature set that has
been built into PowerDuke is an extension of their anti-VM capabilities in the initial
dropper files. Several commands supported by PowerDuke facilitate getting information
about the system.
Information
MITRE ATT&CK Malpedia AlienVault OTX Last change to this tool card: 23 April 2020
Download this tool card in JSON format
All groups using tool PowerDuke
Changed Name Country Observed
APT groups
 APT 29, Cozy Bear, The Dukes 2008-Feb 2025
1 group listed (1 APT, 0 other, 0 unknown)
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=7859036b-5f71-44e0-ad91-b85726302fd4
Page 1 of 2

Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=7859036b-5f71-44e0-ad91-b85726302fd4
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=7859036b-5f71-44e0-ad91-b85726302fd4
Page 2 of 2

APT groups APT 29, Cozy Bear, The Dukes 2008-Feb 2025 
1 group listed (1 APT, 0 other, 0 unknown) 
   Page 1 of 2