SYMBOLCOMMON_NAMEaka. SYNONYMS
vbs.starwhale (Back to overview)

STARWHALE

aka: Canopy, SloughRAT

Actor(s): MuddyWater

There is no description at this point.

References
2022-03-12GovInfo SecurityPrajeet Nair
@online{nair:20220312:iranian:86d630b, author = {Prajeet Nair}, title = {{Iranian APT: New Methods to Target Turkey, Arabian Peninsula}}, date = {2022-03-12}, organization = {GovInfo Security}, url = {https://www.govinfosecurity.com/iranian-apt-new-methods-to-target-turkey-arabian-peninsula-a-18706}, language = {English}, urldate = {2022-03-14} } Iranian APT: New Methods to Target Turkey, Arabian Peninsula
STARWHALE
2022-03-10TechRepublicBrian Stone
@online{stone:20220310:muddywater:7f13598, author = {Brian Stone}, title = {{MuddyWater targets Middle Eastern and Asian countries in phishing attacks}}, date = {2022-03-10}, organization = {TechRepublic}, url = {https://www.techrepublic.com/article/muddywater-targets-middle-eastern-and-asian-countries-in-phishing-attacks/}, language = {English}, urldate = {2022-03-14} } MuddyWater targets Middle Eastern and Asian countries in phishing attacks
STARWHALE
2022-03-10The Hacker NewsRavie Lakshmanan
@online{lakshmanan:20220310:iranian:b7eb161, author = {Ravie Lakshmanan}, title = {{Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign}}, date = {2022-03-10}, organization = {The Hacker News}, url = {https://thehackernews.com/2022/03/iranian-hackers-targeting-turkey-and.html}, language = {English}, urldate = {2022-03-14} } Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign
STARWHALE
2022-03-10RootdemonRootdaemon
@online{rootdaemon:20220310:iranian:6b53790, author = {Rootdaemon}, title = {{Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign}}, date = {2022-03-10}, organization = {Rootdemon}, url = {https://rootdaemon.com/2022/03/10/iranian-hackers-targeting-turkey-and-arabian-peninsula-in-new-malware-campaign/}, language = {English}, urldate = {2022-03-17} } Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign
STARWHALE
2022-03-10TalosVitor Ventura, Asheer Malhotra, Arnaud Zobec
@online{ventura:20220310:iranian:02ae681, author = {Vitor Ventura and Asheer Malhotra and Arnaud Zobec}, title = {{Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups}}, date = {2022-03-10}, organization = {Talos}, url = {https://blog.talosintelligence.com/iranian-supergroup-muddywater/}, language = {English}, urldate = {2022-12-02} } Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
STARWHALE
2022-02-25infoRisk TODAYPrajeet Nair
@online{nair:20220225:muddywater:62fb30e, author = {Prajeet Nair}, title = {{MuddyWater Targets Critical Infrastructure in Asia, Europe}}, date = {2022-02-25}, organization = {infoRisk TODAY}, url = {https://www.inforisktoday.com/muddywater-targets-critical-infrastructure-in-asia-europe-a-18611}, language = {English}, urldate = {2022-03-04} } MuddyWater Targets Critical Infrastructure in Asia, Europe
POWERSTATS PowGoop STARWHALE GRAMDOOR MoriAgent
2022-02-24MandiantRyan Tomcik, Emiel Haeghebaert, Tufail Ahmed
@online{tomcik:20220224:left:dfe77e0, author = {Ryan Tomcik and Emiel Haeghebaert and Tufail Ahmed}, title = {{Left On Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity}}, date = {2022-02-24}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/telegram-malware-iranian-espionage}, language = {English}, urldate = {2022-03-01} } Left On Read: Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity
STARWHALE GRAMDOOR

There is no Yara-Signature yet.