FireEye has identified APT35 operations dating back to 2014. APT35, also known as the Newscaster Team, is a threat group sponsored by the Iranian government that conducts long-term, resource-intensive operations to collect strategic intelligence. APT35 typically targets U.S. and Middle Eastern military, diplomatic and government personnel, organizations in the media, energy and defense industrial base (DIB), and engineering, business services and telecommunications sectors.
2022-06-20 ⋅ Infinitum IT ⋅ Charming Kitten (APT35) LaZagne DownPaper MimiKatz pupy |
2022-06-15 ⋅ Volexity ⋅ DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach pupy Sliver |
2022-03-30 ⋅ Recorded Future ⋅ Social Engineering Remains Key Tradecraft for Iranian APTs Liderc pupy |
2021-07-28 ⋅ Proofpoint ⋅ I Knew You Were Trouble: TA456 Targets Defense Contractor with Alluring Social Media Persona Liderc SysKit |
2021-07-15 ⋅ Facebook ⋅ Taking Action Against Hackers in Iran Liderc SysKit |
2020-01-23 ⋅ Recorded Future ⋅ European Energy Sector Organization Targeted by PupyRAT Malware in Late 2019 pupy pupy pupy |
2019-11-19 ⋅ FireEye ⋅ Achievement Unlocked: Chinese Cyber Espionage Evolves to Support Higher Level Missions MESSAGETAP TSCookie ACEHASH CHINACHOPPER Cobalt Strike Derusbi Empire Downloader Ghost RAT HIGHNOON HTran MimiKatz NetWire RC poisonplug Poison Ivy pupy Quasar RAT ZXShell |
2019-09-25 ⋅ Twitter (@QW5kcmV3) ⋅ Tweet on APT35 activity SysKit |
2019-09-24 ⋅ DARKReading ⋅ Iranian Government Hackers Target US Veterans SysKit Tortoiseshell |
2019-09-24 ⋅ Cisco Talos ⋅ How Tortoiseshell created a fake veteran hiring website to host malware Liderc SysKit |
2019-09-18 ⋅ Symantec ⋅ Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks SysKit Tortoiseshell |
2019-08-22 ⋅ Github (n1nj4sec) ⋅ Pupy RAT pupy pupy pupy |
2019-03-27 ⋅ Symantec ⋅ Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S. DarkComet Nanocore RAT pupy Quasar RAT Remcos TURNEDUP APT33 |
2019-03-27 ⋅ Symantec ⋅ Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S. DarkComet MimiKatz Nanocore RAT NetWire RC pupy Quasar RAT Remcos StoneDrill TURNEDUP APT33 |
2018-12-21 ⋅ FireEye ⋅ OVERRULED: Containing a Potentially Destructive Adversary POWERTON PoshC2 pupy |
2018 ⋅ FireEye ⋅ M-TRENDS2018 APT35 OilRig |
2017-02-15 ⋅ Palo Alto Networks Unit 42 ⋅ Magic Hound Campaign Attacks Saudi Targets Leash MPKBot pupy Rocket Kitten |
2017-02-15 ⋅ Secureworks ⋅ Iranian PupyRAT Bites Middle Eastern Organizations pupy Cleaver |
2017-02-10 ⋅ JPCERT/CC ⋅ Malware that infects using PowerSploit pupy |