SYMBOLCOMMON_NAMEaka. SYNONYMS

MosesStaff  (Back to overview)

aka: Moses Staff

Cybereason Nocturnus describes Moses Staff as an Iranian hacker group, first spotted in October 2021. Their motivation appears to be to harm Israeli companies by leaking sensitive, stolen data.


Associated Families
win.strifewater_rat

References
2023-01-26SecureworksSecureWorks' Counter Threat Unit Research Team
@online{team:20230126:abrahams:8f8b2e6, author = {SecureWorks' Counter Threat Unit Research Team}, title = {{Abraham's Ax Likely Linked to Moses Staff}}, date = {2023-01-26}, organization = {Secureworks}, url = {https://www.secureworks.com/blog/abrahams-ax-likely-linked-to-moses-staff}, language = {English}, urldate = {2023-03-29} } Abraham's Ax Likely Linked to Moses Staff
StrifeWater RAT
2022-02-15FortinetRotem Sde-Or
@online{sdeor:20220215:guard:196af7f, author = {Rotem Sde-Or}, title = {{Guard Your Drive from DriveGuard: Moses Staff Campaigns Against Israeli Organizations Span Several Months}}, date = {2022-02-15}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/guard-your-drive-from-driveguard}, language = {English}, urldate = {2022-03-02} } Guard Your Drive from DriveGuard: Moses Staff Campaigns Against Israeli Organizations Span Several Months
StrifeWater RAT MosesStaff
2022-02-01CybereasonTom Fakterman
@online{fakterman:20220201:strifewater:a2694c3, author = {Tom Fakterman}, title = {{StrifeWater RAT: Iranian APT Moses Staff Adds New Trojan to Ransomware Operations}}, date = {2022-02-01}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/strifewater-rat-iranian-apt-moses-staff-adds-new-trojan-to-ransomware-operations}, language = {English}, urldate = {2022-02-02} } StrifeWater RAT: Iranian APT Moses Staff Adds New Trojan to Ransomware Operations
StrifeWater RAT MosesStaff
2021-11-15Check Point ResearchCheck Point Research
@online{research:20211115:uncovering:b8d5b9b, author = {Check Point Research}, title = {{Uncovering MosesStaff techniques: Ideology over Money}}, date = {2021-11-15}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/mosesstaff-targeting-israeli-companies/}, language = {English}, urldate = {2021-11-17} } Uncovering MosesStaff techniques: Ideology over Money
DCSrv MosesStaff
2021-10-19Twitter (@campuscodi)Catalin Cimpanu
@online{cimpanu:20211019:moses:35089a3, author = {Catalin Cimpanu}, title = {{Tweet on Moses Staff}}, date = {2021-10-19}, organization = {Twitter (@campuscodi)}, url = {https://twitter.com/campuscodi/status/1450455259202166799}, language = {English}, urldate = {2022-03-07} } Tweet on Moses Staff
MosesStaff

Credits: MISP Project