SYMBOLCOMMON_NAMEaka. SYNONYMS

Cadelle  (Back to overview)


Symantec telemetry identified Cadelle and Chafer activity dating from as far back as July 2014, however, it’s likely that activity began well before this date. Command-and-control (C&C) registrant information points to activity possibly as early as 2011, while executable compilation times suggest early 2012. Their attacks continue to the present day. Symantec estimates that each team is made up of between 5 and 10 people.


Associated Families

There are currently no families associated with this actor.


References
2015-12-07SymantecSymantec Security Response
@online{response:20151207:iranbased:24872ed, author = {Symantec Security Response}, title = {{Iran-based attackers use back door threats to spy on Middle Eastern targets}}, date = {2015-12-07}, organization = {Symantec}, url = {https://www.symantec.com/connect/blogs/iran-based-attackers-use-back-door-threats-spy-middle-eastern-targets}, language = {English}, urldate = {2020-01-09} } Iran-based attackers use back door threats to spy on Middle Eastern targets
APT39 Cadelle
2015-12-07SymantecSecurity Response
@online{response:20151207:iranbased:5e7136f, author = {Security Response}, title = {{Iran-based attackers use back door threats to spy on Middle Eastern targets}}, date = {2015-12-07}, organization = {Symantec}, url = {https://web.archive.org/web/20191221064439/https://www.symantec.com/connect/blogs/iran-based-attackers-use-back-door-threats-spy-middle-eastern-targets}, language = {English}, urldate = {2020-04-21} } Iran-based attackers use back door threats to spy on Middle Eastern targets
CadelSpy Remexi Cadelle

Credits: MISP Project