| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Charming Kitten (aka Parastoo, aka Newscaster) is an group with a suspected nexus to Iran that targets organizations involved in government, defense technology, military, and diplomacy sectors.
| 2021-08-20 ⋅ YouTube (Black Hat) ⋅ The Kitten that Charmed Me: The 9 Lives of a Nation State Attacker LittleLooter |
| 2021-08-04 ⋅ BlackHat ⋅ The Kitten that Charmed Me: The 9 Lives of a Nation State Attacker LittleLooter |
| 2021-08-04 ⋅ Security Intelligence ⋅ ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group LittleLooter |
| 2021-02-28 ⋅ PWC UK ⋅ Cyber Threats 2020: A Year in Retrospect elf.wellmess FlowerPower PowGoop 8.t Dropper Agent.BTZ Agent Tesla Appleseed Ave Maria Bankshot BazarBackdoor BLINDINGCAN Chinoxy Conti Cotx RAT Crimson RAT DUSTMAN Emotet FriedEx FunnyDream Hakbit Mailto Maze METALJACK Nefilim Oblique RAT Pay2Key PlugX QakBot REvil Ryuk StoneDrill StrongPity SUNBURST SUPERNOVA TrickBot TurlaRPC Turla SilentMoon WastedLocker WellMess Winnti ZeroCleare |
| 2020-12-12 ⋅ Twitter (MalwareHunterTeam) ⋅ Tweet on ITG18 android implant LittleLooter |
| 2020-03-04 ⋅ CrowdStrike ⋅ 2020 CrowdStrike Global Threat Report MESSAGETAP More_eggs 8.t Dropper Anchor BabyShark BadNews Clop Cobalt Strike CobInt Cobra Carbon System Cutwail DanaBot Dharma DoppelDridex DoppelPaymer Dridex Emotet FlawedAmmyy FriedEx Gandcrab Get2 IcedID ISFB KerrDown LightNeuron LockerGoga Maze MECHANICAL Necurs Nokki Outlook Backdoor Phobos Predator The Thief QakBot REvil RobinHood Ryuk SDBbot Skipper SmokeLoader TerraRecon TerraStealer TerraTV TinyLoader TrickBot vidar Winnti ANTHROPOID SPIDER APT31 APT39 BlackTech BuhTrap Charming Kitten CLOCKWORK SPIDER DOPPEL SPIDER FIN7 Gamaredon Group Leviathan MONTY SPIDER Mustang Panda NARWHAL SPIDER NOCTURNAL SPIDER PINCHY SPIDER Pirate Panda SALTY SPIDER SCULLY SPIDER SMOKY SPIDER Thrip VENOM SPIDER |
| 2020-03-03 ⋅ PWC UK ⋅ Cyber Threats 2019:A Year in Retrospect KevDroid MESSAGETAP magecart AndroMut Cobalt Strike CobInt Crimson RAT DNSpionage Dridex Dtrack Emotet FlawedAmmyy FlawedGrace FriedEx Gandcrab Get2 GlobeImposter Grateful POS ISFB Kazuar LockerGoga Nokki QakBot Ramnit REvil Rifdoor RokRAT Ryuk shadowhammer ShadowPad Shifu Skipper StoneDrill Stuxnet TrickBot Winnti ZeroCleare Axiom |
| 2020-01-30 ⋅ Certfa Lab ⋅ Fake Interview: The New Activity of Charming Kitten Unidentified 073 (Charming Kitten) |
| 2019-07-09 ⋅ Wikipedia ⋅ Operation Newscaster Charming Kitten |
| 2019-03-27 ⋅ Symantec ⋅ Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S. DarkComet MimiKatz Nanocore RAT NetWire RC pupy Quasar RAT Remcos StoneDrill TURNEDUP APT33 |
| 2019-03-27 ⋅ Microsoft ⋅ New steps to protect customers from hacking Charming Kitten Cleaver |
| 2019-02-13 ⋅ Department of Justice ⋅ Former U.S. Counterintelligence Agent Charged With Espionage on Behalf of Iran; Four Iranians Charged With a Cyber Campaign Targeting Her Former Colleagues Charming Kitten |
| 2019 ⋅ Council on Foreign Relations ⋅ Newscaster Charming Kitten |
| 2019 ⋅ MITRE ⋅ Group description: Charming Kitten Charming Kitten |
| 2018-12-14 ⋅ Symantec ⋅ Shamoon: Destructive Threat Re-Emerges with New Sting in its Tail DistTrack Filerase StoneDrill OilRig |
| 2018-12-13 ⋅ Certfa ⋅ The Return of The Charming Kitten Charming Kitten |
| 2018-07-03 ⋅ Cyware ⋅ Iranian APT Charming Kitten impersonates ClearSky, the security firm that uncovered its campaigns Charming Kitten |
| 2017-12-05 ⋅ Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists, Academic Researchers and Media Outlets DownPaper |
| 2017-12 ⋅ ClearSky ⋅ Charming Kitten DownPaper Charming Kitten |
| 2017-11-19 ⋅ Arab News ⋅ Iranian agents blackmailed BBC reporter with ‘naked photo’ threats Charming Kitten |
| 2017-08-08 ⋅ SC Magazine ⋅ HBO breach accomplished with hard work by hacker, poor security practices by victim Charming Kitten |
| 2017-07-27 ⋅ Forbes ⋅ With Fake News And Femmes Fatales, Iran's Spies Learn To Love Facebook Charming Kitten |
| 2017-03-07 ⋅ Kaspersky Labs ⋅ From Shamoon to Stonedrill Charming Kitten |
| 2017-03-07 ⋅ Kaspersky Labs ⋅ FROM SHAMOON TO STONEDRILL: Wipers attacking Saudi organizations and beyond StoneDrill |
| 2017-02-06 ⋅ Iran Threats ⋅ iKittens: Iranian Actor Resurfaces with Malware for Mac (MacDownloader) MacDownloader Charming Kitten |
| 2016-04-27 ⋅ Kaspersky Labs ⋅ Freezer Paper around Free Meat (Repackaging Open Source BeEF for Tracking and More) Charming Kitten |
| 2016-04-27 ⋅ Kaspersky Labs ⋅ Freezer Paper around Free Meat Charming Kitten |
| 2016-04 ⋅ Bundesamt für Verfassungsschutz ⋅ BfV Cyber-Brief: Hinweis auf aktuelle Angriffskampagne Charming Kitten |
| 2014-05-29 ⋅ The Washington Times ⋅ Iranian hackers sucker punch U.S. defense officials with creative social-media scam Charming Kitten |
| 2014-05-28 ⋅ iSIGHT Partners (FireEye) ⋅ NEWSCASTER: An Iranian Threat Within Social Networks Charming Kitten |
| 2012-11-25 ⋅ Cryptome ⋅ Parastoo Hacks IAEA Charming Kitten |