Fruityarmor

Threat Actor Profile Updated 13 days ago
FruityArmor, also known as Stealth Falcon or Project Raven, is a threat actor linked to the United Arab Emirates (UAE) according to MITRE. Active since 2012, this group has been associated with cyberespionage activities targeting political activists, journalists, and dissidents primarily in the Middle East region. The cybersecurity industry identifies these entities using various naming conventions, with FruityArmor being one such example.

On September 25, 2023, new cyberespionage attacks were reported, launched by the Stealth Falcon operation utilizing a novel sophisticated malware called Deadglyph. This backdoor malware is directly attributed to the Stealth Falcon Advanced Persistent Threat (APT), reinforcing its reputation as a state-sponsored hacking group from the UAE. Details about this new backdoor have been reported by SC Magazine and The Hacker News, highlighting the continuous evolution of the threat landscape.

ESET, a leading cybersecurity company, has confirmed the attribution of these recent attacks to the Stealth Falcon group. The use of the Deadglyph malware in these attacks demonstrates the group's ongoing commitment to developing advanced tools for conducting cyberespionage. As this situation continues to evolve, it underscores the importance of maintaining robust cybersecurity measures and staying informed about emerging threats.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Fruityarmor Threat Actor was read from the documents corpus below.
Source | Created At | Title
CERT-EU | 8 months ago | DHS: US critical infrastructure facing malicious AI threat
CERT-EU | 8 months ago | New stealthy and modular Deadglyph malware used in govt attacks
CERT-EU | 8 months ago | Stealth Falcon preying over Middle Eastern skies with Deadglyph
CERT-EU | 8 months ago | Stealth Falcon cyber spies use unusual backdoor in attacks on government entities in the Middle East
CERT-EU | 8 months ago | New Deadglyph backdoor detailed