Ishak

Threat Actor Profile Updated 3 months ago
Download STIX
Preview STIX
Ishak is a threat actor that has been used in cyberattacks attributed to the group known as Rocket Kitten. This relationship became apparent around Fall 2015 when Rocket Kitten was the subject of multiple publications, and a shift in behavior was observed. The preference for Ishak scripts over another tool, Oyun, may be due to this behavioral change. Two distinct personalities within Rocket Kitten were identified: one using tools tied to an individual named Yaser Balaghi (including Gholee, Woolger, MPK, Oyun), and the other connected to Flying Kitten tools, including Ishak. Notably, there were some additions to the Ishak codebase related to logging and authentication that were not previously seen in the Flying Kitten kit. Both the Flying Kitten and Ishak toolkits are relatively simple, with victim identifiers stored in an array in a file that functions essentially as a phone book for the platform. These changes seem to have been made in response to a report by ClearSky, a cybersecurity firm. The information about Ishak was published by the ISEAS – Yusof Ishak Institute, which conducts research on various topics including cybersecurity. Despite the threats posed by entities like Ishak, the institute points out that many countries are opting to incorporate AI-related elements into existing legislation to address inherent risks and implement safeguards efficiently. However, it is yet to be seen whether these guidelines will translate into impactful domestic policies, especially in ASEAN member states where four nations - Brunei, Cambodia, Laos, and Myanmar - have not yet developed their own AI strategies.
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Flying Kitten
1
Flying Kitten is a threat actor that has been tracked and reported on since mid-January 2014, primarily by CrowdStrike Intelligence. The group first came to prominence in November 2013 with its cyber-attack using the domain xn--facebook-06k.com. It continued its malicious activities in March 2014 th
Rocket Kitten
1
Rocket Kitten is a recognized threat actor in the cybersecurity world, known for its malicious activities. This group was particularly active in 2016, using domains such as yahoo-drive.signin-useraccount-mail.com and yahoo-reset.signin-useraccount-mail.com to execute their operations. The group's mo
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Facebook
Phishing
Spearphishing
Malaysia
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
OyunUnspecified
1
Oyun is identified as a threat actor, a term used in cybersecurity to denote an entity that executes actions with malicious intent. This entity has been linked to a set of tools and scripts named after an individual called Yaser Balaghi, including Gholee, Woolger, MPK, and Oyun itself. The shift in
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Ishak Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
7 months ago
China’s Digital Silk Road (DSR) In Southeast Asia: Progress And Challenges – Analysis
CERT-EU
8 months ago
AI in Southeast Asia: As rules are drafted, workers share their worries and wishes
CERT-EU
8 months ago
Commentary: Fighting cybercrime to win China’s favour has become a common goal in Myanmar’s civil war
CERT-EU
a year ago
Expats falling victim to IMO hacking scams | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CERT-EU
a year ago
Vietnam Calls for Tech Giants to Use AI to Remove ‘Anti-State’ Content
CERT-EU
a year ago
Manila’s New Geopolitical Push And Malaysia Must Step Up – Analysis
CERT-EU
a year ago
What Drives Vietnam’s Tightened Public Sphere? – Analysis
CERT-EU
a year ago
Commentary: Cybertrooper activity in state elections marks irreversible trend in Malaysia politics
CERT-EU
a year ago
Vietnam Orders Social Media Firms to Cut ‘Toxic’ Content Using AI
MITRE
a year ago
Flying Kitten to Rocket Kitten, A Case of Ambiguity and Shared Code