ID | Votes | Profile Description |
---|---|---|
OilRig | 3 | OilRig is a well-known threat actor in the cybersecurity landscape, notorious for its sophisticated attacks on various targets, including Middle Eastern telecommunications organizations and Israel's critical infrastructure sector. This entity has been linked to several high-profile campaigns such as |
Helix Kitten | 2 | Helix Kitten, also known as APT34, OilRig, Cobalt Gypsy, Hazel Sandstorm, and Crambus, is a threat actor believed to originate from Iran. The group has been tracked by various cybersecurity firms including FireEye, Symantec, and CrowdStrike, each using different names to identify the same entity. Th |
APT34 | 2 | APT34, also known as OilRig, EUROPIUM, Hazel Sandstorm, and Crambus among other names, is a threat actor believed to be operating on behalf of the Iranian government. Operational since at least 2014, APT34 has been involved in long-term cyber espionage operations primarily focused on reconnaissance |
MuddyWater | 1 | MuddyWater is an advanced persistent threat (APT) group, also known as Earth Vetala, MERCURY, Static Kitten, Seedworm, and TEMP.Zagros. This threat actor has been linked to the Iranian Ministry of Intelligence and Security (MOIS) according to a joint advisory from cybersecurity firms. The group empl |
Siamesekitten | 1 | Siamesekitten, also known as OilRig, APT34, Lyceum, or Crambus, is a threat actor group believed to be based in Iran. This cyberespionage entity has been active since at least 2014 and has targeted various organizations across the globe with malicious intent. The group is known for its sophisticated |
POWRUNER | 1 | Powruner is a malicious software (malware) associated with other malware such as POWBAT and BONDUPDATER, and it's utilized by the Advanced Persistent Threat group APT34. The malware is designed to exploit and damage computer systems, often infiltrating via suspicious downloads, emails, or websites. |

ID | Type | Votes | Profile Description |
---|---|---|---|
Sc5k | Unspecified | 1 | SC5k is a malware developed by OilRig, first discovered in November 2021 during the group's Outer Space campaign. This malicious software acts as a vehicle to deploy a downloader called SampleCheck5000 (SC5k), which utilizes the Office Exchange Web Services (EWS) API to download additional tools for |

ID | Type | Votes | Profile Description |
---|---|---|---|
Static Kitten | Unspecified | 1 | Static Kitten, also known as MuddyWater, Mercury, Mango Sandstorm, and TA450, is an Iranian government-sponsored hacking group suspected to be linked to the Iranian Ministry of Intelligence and Security. The group has been active since 2017 and is notorious for its cyber-espionage activities. Static |
Lyceum | Unspecified | 1 | Lyceum, also known as DEV-0133 and potentially linked to the OilRig group (aka APT34, Helix Kitten, Cobalt Gypsy, Crambus, or Siamesekitten), is a threat actor believed to be a Farsi-speaking entity active since 2018. It is suspected to be a subordinate element within Iran's Ministry of Intelligenc |
Waterbug | Unspecified | 1 | Waterbug, also known as Turla, Venomous Bear, and other aliases, is a cyberespionage group closely affiliated with the FSB Russian intelligence agency. This threat actor has been active since at least 2004, targeting government entities, intelligence agencies, educational institutions, research faci |

ID | Type | Votes | Profile Description |
---|---|---|---|
Samplecheck5000 Sc5k | Unspecified | 1 | SampleCheck5000 (SC5k) is a vulnerability in software design or implementation, used by the threat group OilRig, also known as APT34, Helix Kitten, Cobalt Gypsy, Lyceum, Crambus, or Siamesekitten. This group has been linked to potential Iranian threat actors and is notorious for its sophisticated c |
Crambus Waterbug | Unspecified | 1 | None |

Source | CreatedAt | Title |
---|---|---|
DARKReading | 7 months ago | Iran-Linked 'OilRig' Cyberattackers Target Israel's Critical Infrastructure, Over & Over |
CERT-EU | 9 months ago | Les dernières cyberattaques (24 octobre 2023) |
CERT-EU | 9 months ago | Iranian State Sponsored Hackers On The Attack |
CERT-EU | 9 months ago | Crambus: New Campaign Targets Middle Eastern Government - Cyber Security Review |
CERT-EU | 9 months ago | Iranian Hackers Lurked for 8 Months in Government Network \| Antivirus and Security news |
CERT-EU | 9 months ago | Iranian Hackers Lurked for 8 Months in Government Network |
CERT-EU | 9 months ago | New cyber campaign targeted Middle Eastern government, researchers say |
CERT-EU | 9 months ago | Crambus: New Campaign Targets Middle Eastern Government |
CERT-EU | 9 months ago | Iran-Linked 'MuddyWater' Spies on Mideast Gov't for 8 Months |
MITRE | a year ago | Waterbug: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments |