UNC757

Threat Actor Profile Updated 2 months ago
Download STIX
Preview STIX
UNC757, also known as Pioneer Kitten or Parisite, is a threat actor recognized for its malicious activities in the cybersecurity landscape. This group's indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) have been analyzed, leading to the identification of a correlation between this group and other clusters of activity operated by Iranian threat actors. The naming conventions used to identify such groups can often be complex and inconsistent across the cybersecurity industry, but there is little doubt about the harmful intent behind UNC757's actions. The group has shown a concentrated focus on targeting Israeli entities and organizations, as well as those operating within Israel. This pattern aligns with the broader operational tendencies observed among Iranian threat actors, specifically UNC757. Their sophisticated cyber-attacks pose significant security threats to these organizations, potentially disrupting their operations and compromising sensitive data. In a recent incident, Hartman identified the Iranian hackers from UNC757 as the culprits behind an attack on an unspecified elections website. The details of the targeted website were not disclosed, but the incident underscores the group's capabilities and their potential impact on critical infrastructures. As such, organizations must remain vigilant and adopt robust cybersecurity measures to defend against these persistent and evolving threats.
What's your take? (Question 1 of 1)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Pioneer Kitten
2
Pioneer Kitten, also known as UNC757, is a threat actor tracked by CrowdStrike Intelligence and is believed to be linked with the Iranian government. The group primarily targets North American and Israeli entities that are likely of intelligence interest to Iran. Pioneer Kitten's operational model i
Parisite
1
Parisite, also known as Fox Kitten, Pioneer Kitten, or UNC757, is a threat actor believed to be associated with the Iranian government. This group has been operational since at least 2017, exhibiting activities targeting a broad geographic range including entities in the US, the Middle East, Europe,
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the UNC757 Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
Suspected Iranian Actor Targeting Israeli Shipping, Healthcare, Government and Energy Sectors
MITRE
a year ago
Iran-Based Threat Actor Exploits VPN Vulnerabilities | CISA
CERT-EU
a year ago
The Tragic Fallout From a School District’s Ransomware Breach | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware – National Cyber Security Consulting