FruityArmor

Threat Actor Profile Updated 3 months ago
FruityArmor, also known as Stealth Falcon or Project Raven, is a threat actor linked to the United Arab Emirates (UAE) according to MITRE. Active since 2012, this group has been associated with cyberespionage activities targeting political activists, journalists, and dissidents primarily in the Middle East region. The cybersecurity industry identifies these entities using various naming conventions, with FruityArmor being one such example.

On September 25, 2023, new cyberespionage attacks were reported, launched by the Stealth Falcon operation utilizing a novel sophisticated malware called Deadglyph. This backdoor malware is directly attributed to the Stealth Falcon Advanced Persistent Threat (APT), reinforcing its reputation as a state-sponsored hacking group from the UAE. Details about this new backdoor have been reported by SC Magazine and The Hacker News, highlighting the continuous evolution of the threat landscape.

ESET, a leading cybersecurity company, has confirmed the attribution of these recent attacks to the Stealth Falcon group. The use of the Deadglyph malware in these attacks demonstrates the group's ongoing commitment to developing advanced tools for conducting cyberespionage. As this situation continues to evolve, it underscores the importance of maintaining robust cybersecurity measures and staying informed about emerging threats.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| ID | Votes | Profile Description |
| --- | --- | --- |
| Stealth Falcon | 1 | Stealth Falcon, also known as Project Raven or FruityArmor, is a notable threat actor that has been active since at least 2012. This group is known for its cyber espionage activities primarily in the Middle East, targeting political activists, journalists, and dissidents. The group gained significan |
| Project Raven | 1 | Project Raven, also known as Stealth Falcon or FruityArmor, is a threat actor linked to the United Arab Emirates (UAE), identified by cybersecurity researchers as being active since 2012. This group has been associated with state-sponsored cyber-espionage activities, primarily targeting political ac |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
ESET
APT
Backdoor
State Sponso...
MITRE
Malware
Associated Malware
| ID | Type | Votes | Profile Description |
| --- | --- | --- | --- |
| Deadglyph | Unspecified | 1 | Deadglyph is a sophisticated malware, named and detailed by ESET, used in cyberespionage attacks targeted at Middle Eastern governments. The malware is linked to the Stealth Falcon Advanced Persistent Threat (APT) group, also known as FruityArmor, which has been previously associated with the United |
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the FruityArmor Threat Actor was read from the documents corpus below.
| Source | Created At | Title |
| --- | --- | --- |
| CERT-EU | 10 months ago | DHS: US critical infrastructure facing malicious AI threat |
| CERT-EU | 10 months ago | New Deadglyph backdoor detailed |
| CERT-EU | 10 months ago | Stealth Falcon cyber spies use unusual backdoor in attacks on government entities in the Middle East |
| CERT-EU | 10 months ago | New stealthy and modular Deadglyph malware used in govt attacks |
| CERT-EU | 10 months ago | Stealth Falcon preying over Middle Eastern skies with Deadglyph |