Desert Falcons

Threat Actor updated a month ago (2024-11-29T14:31:55.109Z)

Download STIX

Preview STIX

Desert Falcons, also known as APT-C-23, Arid Viper, or Two-tailed Scorpion, is a threat actor group associated with cyber espionage activities that have been ongoing since at least 2013. This group has targeted countries in the Middle East and has shown links to the Gaza Cybergang Group2, which is known for its medium-level sophistication. The Desert Falcons have been tracked under various names by different cybersecurity firms, such as TAG-63 by Recorded Future, indicating the complexity of their operations and their significant presence in the world of cyber threats. The group's activities have been documented in several publications, including reports detailing their targeted attacks. Their tactics, techniques, and procedures (TTPs) are analyzed, providing insight into their modus operandi. Furthermore, there is evidence of connections to other threat groups, like Operation Parliament (Group3), highlighting the interconnectedness of these malicious entities in the cyber landscape. Desert Falcons demonstrated a peak of activity towards the end of 2017 and the beginning of 2018, suggesting an escalation in their operations during this period. More information on the group's activities and their connections to other threat actors will be presented in future publications. Given their history and the potential for future threats, continued monitoring and analysis of the Desert Falcons' activities are essential for maintaining cybersecurity.

Description last updated: 2024-06-13T16:16:33.853Z

What's your take? (Question 1 of 1)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
Arid Viper is a possible alias for Desert Falcons. Arid Viper, also known as APT-C-23, Desert Falcons, or Two-tailed Scorpion, is a cyber espionage group that has been active since at least 2013, primarily targeting countries in the Middle East. The group's geographical location remains unknown, but it is associated with Palestinian interests and is	3

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Apt

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the Desert Falcons Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
ESET	6 months ago	Arid Viper poisons Android apps with AridSpy
InfoSecurity-magazine	6 months ago	Arid Viper Hackers Spy in Egypt and Palestine Using Android Spyware
MITRE	2 years ago	Gaza Cybergang Group1, operation SneakyPastes
CERT-EU	a year ago	Hamas-linked app offers window into cyber infrastructure, possible links to Iran
CERT-EU	a year ago	For Apple users, tips on improving Wi-Fi performance \| Antivirus and Security news
MITRE	2 years ago	APT Trends report Q1 2018