Veaty

Threat Actor updated 2 months ago (2024-10-17T12:21:11.747Z)

Download STIX

Preview STIX

Not enough context has been learned about Veaty for a description yet. However we're tracking it as a Threat Actor profile. Threat Actor: A threat actor, also commonly referred to as a threat group, adversary, or hacking team, is a human entity that is behind the execution of actions with malicious intent. It could be a single person, a private company, or part of a government entity. The cybersecurity industry comes up with some pretty crazy naming conventions, and there are very little standards.

Description last updated:

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
Karkoff is a possible alias for Veaty. Karkoff is a threat actor identified as part of the APT34 group, known for its malicious cyber activities. It has been linked to several malware families including Karkoff, Saitama, and IIS Group 2, which operate in the same geographical region. The Karkoff malware has been observed communicating th	2

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Backdoor

Malware

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The Saitama Threat Actor is associated with Veaty. Saitama is identified as a threat actor, a human entity responsible for executing actions with malicious intent. It's associated with the execution of cyber-attacks using sophisticated malware such as Saitama and Spearal, which employ base32-encoded commands passed through DNS tunneling. The techniq	Unspecified	2
The threatActor Spearal is associated with Veaty.	Unspecified	2
The APT34 Threat Actor is associated with Veaty. APT34, a threat actor suspected to be linked to Iran, has been operational since at least 2014 and is involved in long-term cyber espionage operations largely focused on reconnaissance efforts. The group targets a variety of sectors including financial, government, energy, chemical, and telecommunic	Unspecified	2

Source Document References

Information about the Veaty Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
DARKReading	3 months ago	As Geopolitical Tensions Mount, Iran's Cyber Operations Grow
Checkpoint	3 months ago	16th September – Threat Intelligence Report - Check Point Research
Checkpoint	3 months ago	Targeted Iranian Attacks Against Iraqi Government Infrastructure - Check Point Research