| ID | Votes | Profile Description |
|---|---|---|
| Charming Kitten | 8 | Charming Kitten, also known as APT42, Storm-2035, Damselfly, Mint Sandstorm, TA453, and Yellow Garuda, is an Iranian threat actor group that has been linked to various cyber attacks. It has targeted entities in Brazil, Israel, and the United Arab Emirates using a new backdoor, as revealed by securit |
| Phosphorus | 5 | Phosphorus, also known as APT35 or Charming Kitten, is a notorious Iranian cyberespionage group linked to the Islamic Revolutionary Guard Corps (IRGC). This threat actor has been involved in a series of malicious activities, employing novel tactics and tools. A significant discovery was made by the |
| Mint Sandstorm | 4 | Mint Sandstorm, an Advanced Persistent Threat (APT) group linked to Iran's Islamic Revolutionary Guard Corps (IRGC), has been identified as a significant cyber threat actor. This group is known for its highly skilled operators and sophisticated social engineering techniques, often lacking the typica |
| Newscaster | 3 | APT35, also known as Newscaster Team, is an Iranian government-sponsored cyber espionage group that conducts extensive operations to gather strategic intelligence. The group, which has been active since at least 2014, has been linked to a series of advanced persistent threat (APT) campaigns targetin |
| TA453 | 3 | TA453, also known as Charming Kitten, APT35, APT42, Ballistic Bobcat, Phosphorus, and Ajax Security Team, is a threat actor linked to the Iranian government. This group has been implicated in numerous cyber espionage activities targeting various entities globally. In one notable incident, researcher |
| Apt42 | 3 | APT42, also known as Charming Kitten and CharmingCypress, is an Iran-nexus advanced persistent threat (APT) group known for its sophisticated and persistent cyber-attack strategies. The group has recently targeted Middle East policy experts in the region, as well as in the US and Europe, using a pho |
| Tortoiseshell | 2 | Tortoiseshell is a prominent threat actor associated with multiple Iranian Advanced Persistent Threat (APT) groups, including MASN. It has been linked to a multi-year cyberattack campaign that targeted over a dozen US companies and government entities, including the Department of the Treasury. The c |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Bellaciao | Unspecified | 2 | "BellaCiao" is a .NET-based malware linked to the Iran-sponsored group known as Charming Kitten (also referred to as Newsbeef and APT35). First observed in use since at least November 2022, this malicious script dropper has targeted systems in Afghanistan, Austria, Israel, and Turkey. Likely exploit |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| MuddyWater | Unspecified | 3 | MuddyWater is a notable threat actor group that has been associated with various cyber-attacks, primarily targeting organizations in the Middle East, particularly Israeli entities, but also extending its activities to other nations including India, Jordan, Portugal, Turkey, and Azerbaijan. The group |
| Mango Sandstorm | Unspecified | 2 | Mango Sandstorm, also known as MuddyWater or Mercury, is a threat actor group linked to Iran's Ministry of Intelligence and Security (MOIS) by the Israeli government. The group has been identified as being involved in several cyber-attacks, utilizing various tactics to gain initial access to targete |
| MERCURY | Unspecified | 2 | Mercury, also known as MuddyWater and Static Kitten, is a threat actor group linked to global espionage activities, with suspected ties to the Iranian Ministry of Intelligence and Security. This group has been noted for its malicious activities, compromising multiple victims that another group, POLO |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| DARKReading | 8 months ago | Microsoft: Iran's Mint Sandstorm APT Blasts Educators, Researchers | |
| CERT-EU | 8 months ago | Iranian threat group Mint Sandstorm targets high-profile Middle East researchers | |
| InfoSecurity-magazine | 8 months ago | Iranian Phishing Campaign Targets Israel-Hamas War Experts | |
| CERT-EU | 8 months ago | Microsoft: Iranian hackers target researchers with new MediaPl malware | |
| CERT-EU | 8 months ago | Iranian hackers targeting ‘high-profile’ experts on Middle East | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | |
| CERT-EU | 8 months ago | New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs | Microsoft Security Blog | |
| CERT-EU | 10 months ago | Israel subjected to Charming Kitten attacks | |
| CERT-EU | 10 months ago | Ukraine's power grid targeted by Sandworm hackers last year | |
| CERT-EU | 10 months ago | Iran’s role in Israel-Hamas war largely 'opportunistic' | |
| CERT-EU | 10 months ago | Why cyberspace remains largely unaffected amidst ongoing geopolitical turmoil | |
| CERT-EU | 10 months ago | What is Advanced Persistent Threat? Uncover the Hidden Dangers! | |
| CERT-EU | a year ago | APT trends report Q3 2023 | |
| DARKReading | a year ago | Microsoft: 'Peach Sandstorm' Cyberattacks Target Defense, Pharmaceutical Orgs | |
| CERT-EU | a year ago | Iranian Charming Kitten APT targets various entities in Brazil, Israel, and the U.A.E. using a new backdoor | |
| CERT-EU | a year ago | 'Whiffy Recon' Malware Transmits Device Location Every 60 Seconds | |
| Unit42 | a year ago | Why LaZagne Makes D-Bus API Vigilance Crucial | |
| Securityaffairs | a year ago | Charming Kitten APT is targeting Iranian dissidents in Germany | |
| CERT-EU | a year ago | APT trends report Q2 2023 – GIXtools | |
| Securelist | a year ago | APT trends report Q2 2023 | |
| DARKReading | a year ago | APT35 Develops Mac Bespoke Malware |