SEKOIA.IO CTI Team had a major change about **[APT29](https://app.sekoia.io/intelligence/objects/intrusion-set--a6136d79-8140-4276-b028-c016d8ef5d74)** and **[NOBELIUM](https://app.sekoia.io/intelligence/objects/intrusion-set--7dbe6e76-c59f-4dec-a7cf-c2a7e0210d16)** cyber threat appreciation. From now, SEKOIA.IO will **consider both as the same intrusion set**, using APT29 as the main denomination and NOBELIUM as an alias. After the 2021 SolarWinds supply chain attack, a part of the CTI community estimated that the changes in TTPs and tools from APT29 could be considered as a new intrusion set, named NOBELIUM. For a time, SEKOIA decided to go along this new distinction and followed the group's new cyber activities under NOBELIUM intrusion set. However, SEKOIA noted that **this distinction was more confusing for further analysis and attribution**, and decided **to merge both intrusion sets into [APT29](https://app.sekoia.io/intelligence/objects/intrusion-set--a6136d79-8140-4276-b028-c016d8ef5d74)**.