SYMBOLCOMMON_NAMEaka. SYNONYMS

MosesStaff  (Back to overview)

aka: Moses Staff

Cybereason Nocturnus describes Moses Staff as an Iranian hacker group, first spotted in October 2021. Their motivation appears to be to harm Israeli companies by leaking sensitive, stolen data.

Associated Families
win.strifewater_rat
References
2022-02-15FortinetRotem Sde-Or
@online{sdeor:20220215:guard:196af7f, author = {Rotem Sde-Or}, title = {{Guard Your Drive from DriveGuard: Moses Staff Campaigns Against Israeli Organizations Span Several Months}}, date = {2022-02-15}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/guard-your-drive-from-driveguard}, language = {English}, urldate = {2022-03-02} } Guard Your Drive from DriveGuard: Moses Staff Campaigns Against Israeli Organizations Span Several Months
StrifeWater RAT MosesStaff
2022-02-01CybereasonTom Fakterman
@online{fakterman:20220201:strifewater:a2694c3, author = {Tom Fakterman}, title = {{StrifeWater RAT: Iranian APT Moses Staff Adds New Trojan to Ransomware Operations}}, date = {2022-02-01}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/strifewater-rat-iranian-apt-moses-staff-adds-new-trojan-to-ransomware-operations}, language = {English}, urldate = {2022-02-02} } StrifeWater RAT: Iranian APT Moses Staff Adds New Trojan to Ransomware Operations
StrifeWater RAT MosesStaff
2021-11-15Check Point ResearchCheck Point Research
@online{research:20211115:uncovering:b8d5b9b, author = {Check Point Research}, title = {{Uncovering MosesStaff techniques: Ideology over Money}}, date = {2021-11-15}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/mosesstaff-targeting-israeli-companies/}, language = {English}, urldate = {2021-11-17} } Uncovering MosesStaff techniques: Ideology over Money
DCSrv MosesStaff
2021-10-19Twitter (@campuscodi)Catalin Cimpanu
@online{cimpanu:20211019:moses:35089a3, author = {Catalin Cimpanu}, title = {{Tweet on Moses Staff}}, date = {2021-10-19}, organization = {Twitter (@campuscodi)}, url = {https://twitter.com/campuscodi/status/1450455259202166799}, language = {English}, urldate = {2022-03-07} } Tweet on Moses Staff
MosesStaff
Credits: MISP Project