Desert Falcons

Threat Actor Profile Updated 13 days ago
Desert Falcons, a threat actor group also known as Group2, is associated with cyber-espionage activities of medium-level sophistication. This entity has been linked to various cyber operations including the Gaza Cybergang Group2 and Operation Parliament (Group3). The cybersecurity industry identifies Desert Falcons with other aliases such as APT-C-23, TAG-63, Arid Viper, and Mantis, reflecting its long-standing presence in Arabic cyber operations. The Desert Falcons' activities peaked towards the end of 2017 and the beginning of 2018, demonstrating their capability to execute targeted attacks on a global scale. Analysis of their movement revealed clusters of domains sharing a common Google Analytics code, signifying connections to other groups tracked by Recorded Future, such as TAG-63. These connections provide evidence of the group's extensive network and ability to coordinate complex cyber-attacks. More detailed information about the Desert Falcons' previous activities and their involvement in Operation Parliament will be made available in future publications. This will further shed light on the group's strategies, targets, and methods, providing valuable insights for cybersecurity experts to devise effective countermeasures. As the threat landscape evolves, understanding the tactics and techniques of groups like Desert Falcons remains critical for maintaining robust cybersecurity defenses.
Possible Aliases / Cluster overlaps
Cluster overlaps and naming conventions are hard to track across vendors, so here are some possibly overlapping names and profiles you may also want to look at.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Desert Falcons Threat Actor was read from the documents corpus below.
| Source | Created At | Title |
| --- | --- | --- |
| CERT-EU | a year ago | For Apple users, tips on improving Wi-Fi performance \| Antivirus and Security news |
| MITRE | a year ago | APT Trends report Q1 2018 |
| CERT-EU | 7 months ago | Hamas-linked app offers window into cyber infrastructure, possible links to Iran |
| MITRE | a year ago | Gaza Cybergang Group1, operation SneakyPastes |