Ta450

Threat Actor updated 23 days ago (2024-11-29T13:35:12.228Z)
TA450, an Advanced Persistent Threat (APT) group, is a threat actor linked to Iran that has been identified as being behind a series of cyber-attacks. APTs are typically associated with nation-states or state-sponsored groups and are known for their persistence and ability to remain undetected over long periods. The cybersecurity industry often uses unique identifiers like TA450 to track the activities of these threat actors.

In recent attacks, TA450 has been found to embed malicious links within PDF attachments. This represents a sophisticated technique aimed at bypassing traditional security measures. Once the recipient opens the infected PDF, they are unknowingly directed to a malicious website or server, which then allows the threat actor to gain unauthorized access to sensitive information or systems.

The discovery of this activity underscores the evolving nature of the threats posed by TA450 and similar groups. It highlights the need for robust cybersecurity measures, including advanced threat detection capabilities and user education about the risks of clicking on unknown links, even when they appear in seemingly harmless documents such as PDFs. Organizations should ensure their security infrastructure can effectively detect and mitigate such threats, and individuals should be wary of unsolicited or suspicious attachments.
Description last updated: 2024-07-07T15:25:38.263Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Alias | Description | Votes
Static Kitten | Static Kitten is a possible alias for Ta450. Static Kitten, also known as MuddyWater, Mercury, Mango Sandstorm, and TA450, is an Iranian government-sponsored hacking group suspected to be linked to the Iranian Ministry of Intelligence and Security. The group has been active since 2017 and is notorious for its cyber-espionage activities. Static | 2
MuddyWater | MuddyWater is a possible alias for Ta450. MuddyWater is an Advanced Persistent Threat (APT) actor that first surfaced in 2017, primarily targeting countries in the Middle East, Europe, and the USA. The group uses a range of techniques for its cyber-espionage activities, including PowerShell for execution, HTTP for C2 communications, and mal | 2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Source Document References
Information about the Ta450 Threat Actor was read from the documents corpus below. This display is limited to 20 results.
Source | Created
Securityaffairs | 4 months ago
Securityaffairs | 5 months ago
Securityaffairs | 5 months ago
Securityaffairs | 5 months ago
Securityaffairs | 5 months ago
Securityaffairs | 6 months ago
Securityaffairs | 6 months ago
Securityaffairs | 6 months ago
Securityaffairs | 6 months ago
Securityaffairs | 7 months ago
Securityaffairs | 8 months ago
Securityaffairs | 8 months ago
Securityaffairs | 8 months ago
Securityaffairs | 8 months ago
Securityaffairs | 9 months ago
Securityaffairs | 9 months ago
BankInfoSecurity | 9 months ago