| SYMBOL | COMMON_NAME | aka. SYNONYMS |
UNC1860 is a persistent and opportunistic Iranian state-sponsored threat actor that is likely affiliated with Iran’s Ministry of Intelligence and Security (MOIS). A key feature of UNC1860 is its collection of specialized tooling and passive backdoors that Mandiant believes supports several objectives, including its role as a probable initial access provider and its ability to gain persistent access to high-priority networks, such as those in the government and telecommunications space throughout the Middle East.
| 2024-09-19
⋅
Mandiant
⋅
UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks CRYPTOSLAY PipeSnoop TEMPLEDOOR UNC1860 |