| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Symantec telemetry identified Cadelle and Chafer activity dating from as far back as July 2014, however, it’s likely that activity began well before this date. Command-and-control (C&C) registrant information points to activity possibly as early as 2011, while executable compilation times suggest early 2012. Their attacks continue to the present day. Symantec estimates that each team is made up of between 5 and 10 people.
There are currently no families associated with this actor.
| 2015-12-07
⋅
Symantec
⋅
Iran-based attackers use back door threats to spy on Middle Eastern targets APT39 Cadelle |
| 2015-12-07
⋅
Symantec
⋅
Iran-based attackers use back door threats to spy on Middle Eastern targets CadelSpy Remexi Cadelle |