Alias Description | Votes |
---|---|
OilRig is a possible alias for APT34. OilRig, also known as APT34, Earth Simnavaz, Evasive Serpens, and other names, is a well-known threat actor in the cybersecurity industry. This group has been particularly active in targeting entities in the Middle East, including critical infrastructure and telecommunications organizations. One of | 5 |
COBALT GYPSY is a possible alias for APT34. Cobalt Gypsy, also known as APT34, Helix Kitten, Hazel Sandstorm, and OilRig, is an Iranian advanced persistent threat operation that has been active since at least 2014. This threat actor has a history of targeting sectors such as telecommunications, government, defense, oil, and financial services | 2 |
Hazel Sandstorm is a possible alias for APT34. Hazel Sandstorm, also known as APT34, OilRig, and EUROPIUM, is a threat actor that has been linked to Iran. This group is known for its sophisticated and persistent cyber attacks on high-profile organizations, using custom-made tools to gain access and systematically exfiltrate data. The cybersecuri | 2 |
Menorah is a possible alias for APT34. The Menorah malware, a novel and malicious software, was discovered in October 2023 as part of a cyberespionage operation conducted by Iranian advanced persistent threat (APT) group, OilRig. Also known as APT34, Helix Kitten, Hazel Sandstorm, and Cobalt Gypsy, the group has been strengthening its cy | 2 |
Crambus is a possible alias for APT34. The Iranian Crambus espionage group, also known as OilRig, APT34, and other aliases, is a threat actor with extensive expertise in long-term cyber-espionage campaigns. In the most recent attack between February and September 2023, this group infiltrated an unnamed Middle Eastern government's network | 2 |
Karkoff is a possible alias for APT34. Karkoff is a threat actor identified as part of the APT34 group, known for its malicious cyber activities. It has been linked to several malware families including Karkoff, Saitama, and IIS Group 2, which operate in the same geographical region. The Karkoff malware has been observed communicating th | 2 |
Helix Kitten is a possible alias for APT34. Helix Kitten, also known as APT34, OilRig, Cobalt Gypsy, Hazel Sandstorm, and Crambus, is a threat actor believed to originate from Iran. The group has been tracked by various cybersecurity firms including FireEye, Symantec, and CrowdStrike, each using different names to identify the same entity. Th | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The SideTwist Malware is associated with APT34. SideTwist is a malware variant discovered and named by Check Point Research during an investigation into a campaign led by the Iranian threat group APT34 (also known as OilRig). This new backdoor variant was used against what appeared to be a Lebanese target. The SideTwist backdoor, identified via i | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The APT33 Threat Actor is associated with APT34. APT33, also known as Peach Sandstorm, is an Iran-linked threat actor associated with the Iranian Islamic Revolutionary Guard Corps (IRGC). This group has targeted communication equipment, government agencies, and the oil-and-gas industry in the United Arab Emirates and the United States, primarily f | Unspecified | 2 |
The threatActor Spearal is associated with APT34. | Unspecified | 2 |
The threatActor Veaty is associated with APT34. | Unspecified | 2 |
The Saitama Threat Actor is associated with APT34. Saitama is identified as a threat actor, a human entity responsible for executing actions with malicious intent. It's associated with the execution of cyber-attacks using sophisticated malware such as Saitama and Spearal, which employ base32-encoded commands passed through DNS tunneling. The techniq | Unspecified | 2 |
The Turla Threat Actor is associated with APT34. Turla, a threat actor linked to Russia, is known for its sophisticated cyber espionage operations. The group has been associated with numerous high-profile attacks, often utilizing advanced backdoors and fileless malware for infiltration and persistence. Turla's tactics, techniques, and procedures ( | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
DARKReading | 2 months ago | ||
Trend Micro | 2 months ago | ||
DARKReading | 2 months ago | ||
Securityaffairs | 3 months ago | ||
DARKReading | 3 months ago | ||
Checkpoint | 3 months ago | ||
Checkpoint | 3 months ago | ||
CERT-EU | a year ago | ||
Checkpoint | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
BankInfoSecurity | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago |