Модный мишка | |
| Formation | c. 2004–2007[1] |
|---|---|
| Type | Advanced persistent threat |
| Purpose | Cyberespionage, cyberwarfare |
Region | Middle East |
| Methods | Zero-days, spearphishing, malware, Social Engineering, Watering Hole |
Membership | At least 5 |
Official language | Persian |
Parent organization | IRGC |
| Affiliations | Rocket Kitten APT34 APT33 |
Formerly called | APT35 Turk Black Hat Ajax Security Team Phosphorus |
Charming Kitten, also called APT35 (by Mandiant), Phosphorus or Mint Sandstorm (by Microsoft),[1] Ajax Security (by FireEye),[2] and NewsBeef (by Kaspersky[3][4]), is an Iranian government cyberwarfare group, described by several companies and government officials as an advanced persistent threat.
On December 15, 2017, the group was designated by FireEye as a nation state-based advanced persistent threat, regardless of the lack of its sophistication. Research conducted by FireEye in 2018 suggested that APT35 may be expanding their malware capabilities and intrusion campaigns.[5]
The group has since been known to use phishing to impersonate company websites,[6] as well as fake accounts and fake DNS domains to phish users' passwords.
- ^ "Microsoft uses court order to shut down APT35 websites". CyberScoop. March 27, 2019.
- ^ "Ajax Security Team lead Iran-based hacking groups". Security Affairs. May 13, 2014.
- ^ "Freezer Paper around Free Meat". securelist.com. April 27, 2016.
- ^ Bass, Dina. "Microsoft Takes on Another Hacking Group, This One With Links to Iran". news.bloomberglaw.com.
- ^ "OVERRULED: Containing a Potentially Destructive Adversary". FireEye.
- ^ "Iranian Charming Kitten ATP group poses as Israeli cybersecurity firm in phishing campaign". Security Affairs. July 3, 2018.
© MMXXIII Rich X Search. We shall prevail. All rights reserved. Rich X Search