Alias Description | Votes |
---|---|
APT35 is a possible alias for Charming Kitten. APT35, also known as the Newscaster Team, Charming Kitten, and Mint Sandstorm, is an Iranian government-sponsored cyber espionage team. This threat actor conducts long-term, resource-intensive operations to collect strategic and tactical intelligence on behalf of the Islamic Revolutionary Guard Corp | 8 |
TA453 is a possible alias for Charming Kitten. TA453, also known as Charming Kitten, APT35, Phosphorus, Newscaster, and Ajax Security Team, is a threat actor group suspected to be linked with the Iranian government. Researchers from Proofpoint have attributed cyberattacks on affiliates of former National Security Adviser John Bolton and nuclear | 6 |
Phosphorus is a possible alias for Charming Kitten. Phosphorus, also known as APT35 or Charming Kitten, is a prominent threat actor linked to the Islamic Revolutionary Guard Corps (IRGC) of Iran. The group is notorious for its cyberespionage activities and has been actively targeting high-profile individuals involved in Middle Eastern affairs at univ | 5 |
Mint Sandstorm is a possible alias for Charming Kitten. Mint Sandstorm, an Advanced Persistent Threat (APT) group linked to Iran's Islamic Revolutionary Guard Corps (IRGC), has been identified as a significant cybersecurity threat. The group has demonstrated its capability to rapidly weaponize N-day vulnerabilities in common enterprise applications and c | 4 |
Yellow Garuda is a possible alias for Charming Kitten. Yellow Garuda, also known as Charming Kitten, APT35, Mint Sandstorm, Cobalt Illusion, and TA453 among other names, is a threat actor believed to be operating on behalf of Iran's Islamic Revolutionary Guard Corps (IRGC). The group has been active in various cyber espionage campaigns over the years. I | 4 |
Apt42 is a possible alias for Charming Kitten. APT42, also known as Charming Kitten, CharmingCypress, Storm-2035, Damselfly, Mint Sandstorm, TA453, and Yellow Garuda, is an Iran-nexus advanced persistent threat (APT) group that has been active in various cyberattacks. The group employs a range of tactics, techniques, and procedures (TTPs), such | 4 |
ITG18 is a possible alias for Charming Kitten. ITG18, also known as Charming Kitten, Phosphorous, and TA453, is a threat actor that has been active since at least 2013. The group is known for its meticulous techniques in cyber espionage, such as validating stolen credentials by copying and pasting victim usernames and passwords into various webs | 2 |
Newscaster is a possible alias for Charming Kitten. APT35, also known as Newscaster Team, is an Iranian government-sponsored cyber espionage group that conducts extensive operations to gather strategic intelligence. The group, which has been active since at least 2014, has been linked to a series of advanced persistent threat (APT) campaigns targetin | 2 |
Ballistic Bobcat is a possible alias for Charming Kitten. Ballistic Bobcat, also known as APT35, APT42, Charming Kitten, TA453, and Phosphorus, is a threat actor group believed to be aligned with Iran. The group has been active for several years, developing and deploying a series of backdoor exploits known as Sponsor (versions v1 through v4). Ballistic Bob | 2 |
Tortoiseshell is a possible alias for Charming Kitten. Tortoiseshell is a prominent threat actor associated with multiple Iranian Advanced Persistent Threat (APT) groups, including MASN. It has been linked to a multi-year cyberattack campaign that targeted over a dozen US companies and government entities, including the Department of the Treasury. The c | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Bellaciao Malware is associated with Charming Kitten. "BellaCiao" is a .NET-based malware linked to the Iran-sponsored group known as Charming Kitten (also referred to as Newsbeef and APT35). First observed in use since at least November 2022, this malicious script dropper has targeted systems in Afghanistan, Austria, Israel, and Turkey. Likely exploit | Unspecified | 4 |
The CharmPower Malware is associated with Charming Kitten. CharmPower is a sophisticated malware, identified as an updated version of the Powerstar backdoor, that has been deployed by the Iranian hacking group known as Charming Kitten. The group used this malware in spear-phishing campaigns to target individuals affiliated with think tanks, universities, an | Unspecified | 3 |
The Powerstar Malware is associated with Charming Kitten. Powerstar is a malicious software (malware) utilized by the Iranian state-sponsored threat operation, Charming Kitten, also known as APT35, Mint Sandstorm, Cobalt Illusion, and Yellow Garuda. This malware has been deployed in spear-phishing attacks targeting US political and government entities sinc | has used | 3 |
The PowerLess Malware is associated with Charming Kitten. Powerless is a malicious software (malware) that was deployed by Ballistic Bobcat in September 2021, during the wrap-up of the campaign documented in CISA Alert AA21-321A. This malware was introduced as part of the PowerLess campaign, which involved the use of a new command and control (C&C) server. | Unspecified | 2 |
The Noknok Malware is associated with Charming Kitten. NokNok is a malicious software (malware) developed by the Iranian hacking group APT35, also known as Charming Kitten. It was discovered after the group targeted a US-based nuclear security expert with a sophisticated phishing attack. The attackers initiated several non-threatening email interactions | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Securelist | a day ago | ||
DARKReading | a month ago | ||
DARKReading | 2 months ago | ||
DARKReading | 3 months ago | ||
Malwarebytes | 4 months ago | ||
DARKReading | 4 months ago | ||
InfoSecurity-magazine | 4 months ago | ||
DARKReading | 4 months ago | ||
DARKReading | 4 months ago | ||
Securityaffairs | 4 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 7 months ago | ||
SecurityIntelligence.com | 7 months ago |