CURIUM

Threat Actor updated 24 days ago (2024-11-29T13:35:58.952Z)
Download STIX
Preview STIX
Curium, also known as Crimson Sandstorm, is an Iranian threat actor group that has been meticulously targeting users over time. Unlike other threat actors who commonly utilize phishing emails, Curium employs a unique approach by creating a network of fictitious social media accounts to build trust with their targets before delivering malware. The group's patience and unconventional methods highlight their strategic sophistication in executing cyber attacks. The Tel Aviv-based cybersecurity company, ClearSky, has attributed the attacks to this Iranian threat actor with low confidence. Curium is also tracked under several other names including Tortoiseshell, Imperial Kitten, and TA456. This multiplicity of aliases further complicates tracking and attribution efforts, underscoring the group's elusive nature and the broader challenges faced in the cybersecurity field. In unrelated news, a new Miner Pool app called "Curium" by Bluzelle has been introduced, as reported on HackRead.com. This application aims to simplify cryptocurrency earning processes. It's important to note that despite sharing the same name, there is no connection between the threat actor Curium (Crimson Sandstorm) and Bluzelle's Curium app.
Description last updated: 2024-02-22T17:16:08.317Z
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Crimson Sandstorm is a possible alias for CURIUM. Crimson Sandstorm, an Advanced Persistent Threat (APT) group linked to Iran, has been identified as a significant threat actor in the cybersecurity landscape. This entity, potentially connected to the Islamic Revolutionary Guard Corps and active since at least 2017, targets victims across diverse se
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the CURIUM Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more